Honeypots mailing list archives

Fw: Running Honeyd


From: "Steve Harvey" <sxh12u () cs nott ac uk>
Date: Fri, 18 Mar 2005 13:15:12 -0000



After reading the FAQ I understand that honeyd requires its own IP address,
so I decided to set up a virtual IP address as follows:

eth0      Link encap:Ethernet  HWaddr 00:04:75:E9:B9:70
          inet addr:128.243.23.175  Bcast:128.243.23.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:42552 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34748 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:10908297 (10.4 MiB)  TX bytes:3402249 (3.2 MiB)
          Interrupt:5 Base address:0xe800

eth0:1    Link encap:Ethernet  HWaddr 00:04:75:E9:B9:70
          inet addr:128.243.23.174  Bcast:128.243.255.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe800

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:24870 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24870 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1016776 (992.9 KiB)  TX bytes:1016776 (992.9 KiB)

I also understand that honeyd requires traffic to be forwarded to it, as it
does not intercept any network traffic,

so I used arpd to monitor the IP address of eth0:1:

arpd 128.243.23.174

I can ping the IP address, but when I nmap the address I get the same response as
I would if I nmapped eth0, i.e.

PORT   STATE SERVICE
22/tcp open  ssh

Why can I not get arpd to push the traffic to my honeyd? I have noticed
that everyone uses arpd for blocks of IP addresses. I cannot really do this,
as I want to deploy honeyd on my university network and the security group
would not be best impressed if I stole all their unused IPs!

Thanks

Steve Harvey
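
An added example, not part of the original post: a pre-flight check that compares the addresses on a honeyd configuration's `bind` lines with the addresses already configured on local interfaces, since an address the host itself owns (such as the `eth0:1` alias above) is answered by the host's own network stack and its real services. The ifconfig sample is abbreviated from the output above; the honeyd configuration, the template name `linux` and the address 128.243.23.180 are constructed for illustration.

```shell
#!/bin/sh
# Abbreviated ifconfig output using the addresses shown in the post.
sample_ifconfig() {
cat <<'EOF'
eth0      Link encap:Ethernet  HWaddr 00:04:75:E9:B9:70
          inet addr:128.243.23.175  Bcast:128.243.23.255  Mask:255.255.255.0
eth0:1    Link encap:Ethernet  HWaddr 00:04:75:E9:B9:70
          inet addr:128.243.23.174  Bcast:128.243.255.255  Mask:255.255.255.0
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
EOF
}
# Constructed honeyd configuration; template name and second address are assumptions.
sample_honeyd_conf() {
cat <<'EOF'
create linux
set linux default tcp action reset
add linux tcp port 80 open
bind 128.243.23.174 linux
bind 128.243.23.180 linux
EOF
}
# check_binds IFCONFIG_TXT HONEYD_CONF
# Prints "CONFLICT <ip> <interface>" or "OK <ip>" for every bind line.
# Returns 1 if any bound address is configured on a local interface.
check_binds() {
    awk '
        FNR == 1 { nfile++ }                      # count which input file we are in
        nfile == 1 && /^[^ \t]/ { ifname = $1 }   # unindented line names an interface
        nfile == 1 && /inet addr:/ {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^addr:/) owner[substr($i, 6)] = ifname
        }
        nfile == 2 && $1 == "bind" {
            if ($2 in owner) { print "CONFLICT " $2 " " owner[$2]; bad = 1 }
            else print "OK " $2
        }
        END { exit bad + 0 }' "$1" "$2"
}
# demo: run the check over the two samples above.
demo() {
    tmp=$(mktemp -d) || return 1
    sample_ifconfig > "$tmp/ifconfig.txt"
    sample_honeyd_conf > "$tmp/honeyd.conf"
    check_binds "$tmp/ifconfig.txt" "$tmp/honeyd.conf"; rc=$?
    rm -rf "$tmp"
    return $rc
}
demo || echo "at least one bind address is owned by this host"
```

On a live host, save the real `ifconfig` output to a file and pass it with the real honeyd configuration to `check_binds`.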


