First page Back Continue Last page Summary Graphics

UML as a honeypot

Fully authentic Linux environment
Full network, file systems, etc
full root access
fully controllable from host
In honeypot mode, UML is vulnerable to the same exploits as the host

Notes:

After you are convinced of the advantages of virtual honeypots over physical ones, we get into the advantages of using UML.
It's a completely authentic Linux environment with all the protocols, devices, and filesystems that are available with a physical Linux machine. An intruder can be root without endangering the host.
There is also a honeypot mode, in which UML is vulnerable to the same stack smash exploits as the host. Normally, it's not, since it puts process stacks in a different location than the host.

UML as a honeypot

Fully authentic Linux environment

Full network, file systems, etc

full root access

fully controllable from host

In honeypot mode, UML is vulnerable to the same exploits as the host

Notes: