First page Back Continue Last page Summary Graphics
UML as a honeypot
Fully authentic Linux environment
Full network, file systems, etc
full root access
fully controllable from host
In honeypot mode, UML is vulnerable to the same exploits as the host
After you are convinced of the advantages of virtual honeypots over physical ones, we get into the advantages of using UML.
It's a completely authentic Linux environment with all the protocols, devices, and filesystems that are available with a physical Linux machine. An intruder can be root without endangering the host.
There is also a honeypot mode, in which UML is vulnerable to the same stack smash exploits as the host. Normally, it's not, since it puts process stacks in a different location than the host.