Honeynet Project

GenI Honeynets
Data Control:
Prevent compromised honeypots from causing harm.
Stateful firewall counts outgoing connections.
Alerting on suspicious traffic.

Data Capture:
Store data remotely without alerting attacker.
Firewall logs packet flow information.
Intrusion detection system records packet data and alerts.
Remote syslog server to record internal data from honeypots.

Limitations:
Counting outgoing connections allows launch of a few exploits.
Adversary can detect honeynet by fingerprinting.