First page Back Continue Last page Summary Graphics

Physical vs. Virtual Honeypots: Typical physical honeypot

Gateway machine is the only one with internet access
Logging machine is a secure isolated machine on a private network
Honeypot communicates through the gateway and logs to the logging machine

Notes:

These are the constraints which lead to the requirement of three boxes.
A separate gateway is needed to firewall the honeypot, log network traffic, and to block its access to the net, if necessary.
A separate logging machine is needed in order to log activity with a minimum of possible interference from nasty people inside the honeypot.

Physical vs. Virtual Honeypots: Typical physical honeypot

Gateway machine is the only one with internet access

Logging machine is a secure isolated machine on a private network

Honeypot communicates through the gateway and logs to the logging machine

Notes: