Client Honeypot

Client Honeypots

These are honeypots that initiate connections to a server. These are designed to identify and capture information on threats to client based applications (such as a browser or email)

The NZ Honeynet Alliance has released two client honeypot implementations:

  • Capture-HPC is a high-interaction client honeypot framework. Capture-HPC identifies malicious servers by interacting with potentially malicious servers
    using a dedicated virtual machine and observing its system for unauthorized
    state changes.
  • HoneyC is a low interaction client honeypot framework that allows to find malicious servers on a network. Instead of using a fully functional operating system and client to perform this task, HoneyC uses emulated clients that are able to solicit as much of a response from a server that is necessary for
    analysis of malicious content.

Back To Top

This work is licensed under a Creative Commons License