First page Back Continue Last page Summary Graphics

UML as a honeypot


After you are convinced of the advantages of virtual honeypots over physical ones, we get into the advantages of using UML.
It's a completely authentic Linux environment with all the protocols, devices, and filesystems that are available with a physical Linux machine. An intruder can be root without endangering the host.
There is also a honeypot mode, in which UML is vulnerable to the same stack smash exploits as the host. Normally, it's not, since it puts process stacks in a different location than the host.