A honeynet within the German research network – Experiences and results
ISSN der Zeitschrift
Detection of intrusions and malware & vulnerability assessment, GI SIG SIDAR workshop, DIMVA 2004
Regular Research Papers
Gesellschaft für Informatik e.V.
A honeynet is a special prepared network which is not used in normal business. It is a kind of playground to watch and learn the tactics of crackers. The only purpose of a honeynet is to be probed, attacked or compromised. During the operation other systems may not be harmed by an attack originated within the honeynet. In this paper the design, realization and operation of a honeynet built within the German Research Network (DFN) will be described. Concepts for continuously monitoring and securing the honeynet are introduced. A selection of the results of the operation phase will be presented as well.