Honeypots mailing list archives
Re: "Honeynets" vs. "Honeypots"
From: Lance Spitzner <lance () honeynet org>
Date: Sun, 23 Mar 2003 19:20:17 -0600 (CST)
On Sat, 22 Mar 2003, Scott - cb750c wrote:
I have kind of a silly terminology question that I'd like to clear up. What differentiates a honeynet vs. a honeypot? I'm building a high-interaction GenI setup with only two machines, a firewall and a honeypot. Is this a honeynet or not? In the whitepaper I'm writing, I refer to the entire setup as a honeynet (since this setup is not part of our production network) and reserve the term honeypot for the machine which is intended to be compromised. I want to make sure I'm being accurate.
From my perspective, a Honeynet is nothing more then one type of honeypot.
Its one of the more complex in that it is actually a network made up of systems designed to be hacked. Now, the thing I still haven't figured out is what exactly to call those systems within your Honeynet network. Do you call them honeypots (but the Honeynet is actually one type of honeypopt), do you call them targets systems, do you call the victims? I still have figured that one out and tend to waffle between names :-0 My recommendation, go with whatever you are the most comfortable with. For more details, you may want to check out Honeypots: Definitions and Value http://www.spitzner.net/honeypots.html lance
Current thread:
- "Honeynets" vs. "Honeypots" Scott - cb750c (Mar 22)
- RE: "Honeynets" vs. "Honeypots" Andrew Hintz (Drew) (Mar 22)
- Re: "Honeynets" vs. "Honeypots" Lance Spitzner (Mar 23)
- Re: "Honeynets" vs. "Honeypots" George Bakos (Mar 26)
- <Possible follow-ups>
- Re: "Honeynets" vs. "Honeypots" HoneyNet Germany (Mar 23)