VirtualHoneypots

From Rory.wiki

Jump to: navigation, search

Initial Thoughts

It'd be very useful if an attacker could be redirected to a fake system seamlessly and then logged in the attack.

Would it be possible to combine IDS/IPTABLES and a VM to automatically forward all traffic from a detected attacker to the honeypot machine allowing for the attack to continue without risking the main host...

Retrieved from "http://wiki.mccune.org.uk/index.php/VirtualHoneypots"