Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems. Honeyd enables a single host to claim multiple addresses on a LAN for network simulation. It is possible to ping the virtual machines, or to traceroute them. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine.
|Licenses||BSD Original GPL|
|Operating Systems||POSIX BSD FreeBSD NetBSD OpenBSD Linux Solaris|
Release Notes: This version includes proper handling of ARP packets. It also adds support for Mac OS X by automatically disabling kqueue and poll on Mac OS X, so that Honeyd gets notified on bpf events. It's easier to compile due to removed dependence on libdnsres; libevent's DNS support is used instead. A more flexible configuration of proxy directive supports hybrid honeypot environments.
Release Notes: A crash in the ARP handling code was fixed. The default actions for UDP packets were fixed.
Release Notes: Subsystem support was improved. A stats collector was added. SMTP and Proxy subsystems were added for high-performance. Security fixes were done.
Release Notes: This release adds an internal Web server that shows traffic statistics. Support for statistics reporting so that an aggregator daemon can collect statistics from Honeyd deployments around the world to detect new worms. Support for DHCP Honeypots. A security update check that provides warnings on the Web interface and in syslog if the current Honeyd version has known vulnerabilities.
Release Notes: Several bugs that would cause operating system detection with nmap to fail were fixed along with compilation issues for honeydctl on Linux and *BSD. Support for log rotation via SIGUSR1 was added.