I've just posted a whitepaper I thought many of you
would be interested in "To Build a Honeypot".
This article is a follow up to the "Know Your Enemy"
series. Many people from the Internet community asked
me how I was able to track black-hats in the act of
probing for and compromising a system. This paper
discusses just that. Here I describe how I built,
implemented, and monitored a honeypot network designed
specifically to learn how black-hats work. I would
greatly appreciate any feedback or recommendations.
Internetworking & Security Engineer
Dimension Enterprises Inc