Projects / honeyd


Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems. Honeyd enables a single host to claim multiple addresses on a LAN for network simulation. It is possible to ping the virtual machines, or to traceroute them. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine.

Operating Systems

Recent releases

  •  29 May 2007 07:44

    Release Notes: This version includes proper handling of ARP packets. It also adds support for Mac OS X by automatically disabling kqueue and poll on Mac OS X, so that Honeyd gets notified on bpf events. It's easier to compile due to removed dependence on libdnsres; libevent's DNS support is used instead. A more flexible configuration of proxy directive supports hybrid honeypot environments.

    •  19 Aug 2006 19:42

      Release Notes: A crash in the ARP handling code was fixed. The default actions for UDP packets were fixed.

      •  19 Mar 2006 06:34

        Release Notes: Subsystem support was improved. A stats collector was added. SMTP and Proxy subsystems were added for high-performance. Security fixes were done.

        •  02 Jan 2005 21:17

          Release Notes: This release adds an internal Web server that shows traffic statistics. Support for statistics reporting so that an aggregator daemon can collect statistics from Honeyd deployments around the world to detect new worms. Support for DHCP Honeypots. A security update check that provides warnings on the Web interface and in syslog if the current Honeyd version has known vulnerabilities.

          •  20 Apr 2004 06:10

            Release Notes: Several bugs that would cause operating system detection with nmap to fail were fixed along with compilation issues for honeydctl on Linux and *BSD. Support for log rotation via SIGUSR1 was added.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.