Honeypots mailing list archives

How efficiently I can use honeyd/Honeypots


From: Ravi <ravivsn () roc co in>
Date: Fri, 19 Dec 2003 10:23:40 +0530

Greetings all,
This is my first posting to this mailing list.
I am very much fascinated by this technology. Please help me with how efficiently I can use honeyd/honeypots.

I have seen articles describing the results after evaluating honeypots and honeyd for production and research as well. As these honeypots have become almost stable, can we start using honeypots to benchmark other IPS/IDS products? I would like to know how well I can use honeypots to evaluate IPS/IDS products.

I think of the following scenario:

Nessus -------- IPS -------- Honeypot
                                |
                                |
                                ----- snot


Nessus will generate attacks to exploit the IPS; the honeypot or honeyd will receive the attacks when the IPS fails to block them. Snot will be used for packet logging and to group the attacks received by the honeypot/honeyd.
I assume this way I can evaluate IPS products.

Coming to the drawbacks of such a set-up:
   - We have made the assumption that the honeypot/honeyd is almost stable
   - The evaluation also depends on Snot's capability of logging packets. Snot's performance under high loads may affect the evaluation.

I request that anyone who has evaluated any IPS products share their experiences and help me to do so. Also, any ideas about Nessus scripts to evaluate IPS?

Best Regards,
Thanks in advance,
-Ravi
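
One way to score the set-up described in this post while accounting for its second drawback, as an added example that is not part of the original message: a check counts as blocked only if the logger behind the IPS was not dropping packets while that check ran. The record layouts, names, threshold and sample values are constructed for illustration and are not the output format of Nessus, honeyd or any packet logger.

```python
from collections import namedtuple

# Hypothetical record layouts (assumptions, not any tool's real format).
Test = namedtuple("Test", "name dst_port start end")        # one scanner check
Event = namedtuple("Event", "ts dst_port")                  # packet logged at the honeypot
Stats = namedtuple("Stats", "start end received dropped")   # logger counters per interval


def loss_rate(test, stats):
    """Fraction of packets the logger dropped in intervals overlapping the test."""
    rows = [s for s in stats if s.start < test.end and s.end > test.start]
    if not rows:
        return 1.0          # no counters for this window: the logger was blind
    total = sum(s.received + s.dropped for s in rows)
    if total == 0:
        return 0.0          # nothing arrived and nothing was dropped
    return sum(s.dropped for s in rows) / total


def score_ips(tests, events, stats, max_loss=0.01):
    """Classify each check as passed (reached the honeypot), blocked, or inconclusive."""
    result = {"passed": [], "blocked": [], "inconclusive": []}
    for t in tests:
        seen = any(e.dst_port == t.dst_port and t.start <= e.ts <= t.end
                   for e in events)
        if seen:
            result["passed"].append(t.name)        # IPS failed to block it
        elif loss_rate(t, stats) <= max_loss:
            result["blocked"].append(t.name)       # silence can be trusted
        else:
            result["inconclusive"].append(t.name)  # logger overloaded: rerun
    return result


# Constructed sample run: three sequential checks, times in seconds.
TESTS = [Test("http-check", 80, 0, 10),
         Test("ftp-check", 21, 10, 20),
         Test("smtp-check", 25, 20, 30)]
EVENTS = [Event(4, 80)]
STATS = [Stats(0, 10, 1000, 0), Stats(10, 20, 1000, 2), Stats(20, 30, 600, 400)]


def demo():
    return score_ips(TESTS, EVENTS, STATS)


if __name__ == "__main__":
    print(demo())
```

Checks that land in "inconclusive" should be rerun at a lower rate before being counted for or against the IPS.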