The number of Internet users is increasing every day. Availability of this technology is no longer a privilege, but everyday fact. Consequently also the network misuses are on the increase. Tools for misusing vulnerable networks/servers are namely freely accessible on internet and easy to use, so the integrity of our network can be seriously threatened also by some common user if the proper tools are being used. No network is safe from breaking in, since the choice of the network attacked is usually random. Intruder in many cases doesn't care which server he is dealing with, so it can be a server of some important company or a server of an individual. Such intrusions can hardly be separated from the usual traffic, since the attackers usually use different techniques that common systems can't distinguish or register (various stealth scanners, such as SYN, FIN, Xmas, Null). Many tools and solutions for improved network security has been developed in recent years. One of them is also honeypot. Value of honeypot is in the very forbidden use of the sources of our network. Usually it is about systems that stimulate extended systems with known vulnerabilities. Compared to other solutions they are more simple to use and don't demand expensive hardware. Besides that, they only capture a small data quantity, which has a high value. Since there are not many data, it is easier to recognise what is relevant and thus we avoid the possibility of getting lost in a huge amount of unnecessary data.

Honeypot workshop will introduce you the basic principles of Honeypots, its advantages and disadvantages and latest solutions available. We will get to know in detail one of the low-interaction varieties, Honeyd by Niels Provos.