.:: Potting The HoneyPot ::.

This post is closely tied to the previous one, Malware Hunting. As mentioned there, there is a real need for automated collection technology, such as generic malware collectors and honeypots.

In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network but which is actually isolated, (un)protected and monitored, and which seems to contain information or a resource that would be of value to attackers. A honeypot that masquerades as an open proxy is known as a sugarcane.

It is necessary to distinguish between the various kinds of honeypots; here we are interested in the malware collectors.

The simplest and smallest is MultiPot { http://labs.idefense.com/software/malcode.php#more_multipot }

mwcollect { http://www.mwcollect.org/ }

nepenthes { nepenthes.mwcollect.org/ }

Argos { http://www.few.vu.nl/argos/ }
"Argos is a full and secure system emulator designed for use in honeypots. It is based on Qemu, an open source emulator that uses dynamic translation to achieve a fairly good emulation speed."

Honeyd { http://www.citi.umich.edu/u/provos/honeyd/ }
"Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their personality can be adapted so that they appear to be running certain operating systems."

HoneyBOT { http://www.atomicsoftwaresolutions.com/honeybot.php }
"HoneyBOT is a Windows based medium interaction honeypot solution"
This honeypot handles malicious uploads well, so it can be used for malware collection.
There are also many honeypot projects developed by various organizations under one large umbrella project, the Honeynet Alliance { http://www.honeynet.org/alliance/ }

In my experience the most flexible and powerful honeypot framework is Honeyd. Honeyd can be used in different areas of system security: network decoys and, the most interesting for me, detecting and collecting worms.

This post is only intended as a collection of the most used and best honeypots. It is important to choose good traps, and it is fundamental that they can be upgraded easily to emulate the newest vulnerabilities.
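To make the Honeyd description concrete (virtual hosts, arbitrary services, OS personalities), here is an added example of a honeyd.conf that sets up two decoys and a catch-all template. It is written for this post and is not taken from the Honeyd distribution. The addresses, the script paths and the name scripts/capture.sh are assumptions: honeyd hands each connection to the configured command with the TCP stream on stdin/stdout and exports HONEYD_IP_SRC, HONEYD_IP_DST, HONEYD_SRC_PORT and HONEYD_DST_PORT, so a capture script only has to read stdin and write the bytes to disk; web.sh is one of the service emulators shipped in honeyd's scripts directory, whose install path varies. The personality strings must match entries in the nmap.prints file honeyd is started with.

```conf
# Decoy 1: a Windows XP workstation that "listens" on the classic worm
# ports (135/139/445) and hands every connection to a capture script.
create winxp
set winxp personality "Microsoft Windows XP Professional SP1"
set winxp default tcp action reset
set winxp default udp action reset
set winxp default icmp action open
# Fake uptime (seconds) so TCP timestamps look like a long-running box.
set winxp uptime 1728000
# scripts/capture.sh is a hypothetical script (not shipped with honeyd):
# it reads the worm's payload from stdin and stores it for analysis.
add winxp tcp port 135 "/usr/local/share/honeyd/scripts/capture.sh"
add winxp tcp port 139 "/usr/local/share/honeyd/scripts/capture.sh"
add winxp tcp port 445 "/usr/local/share/honeyd/scripts/capture.sh"
# Port 80 uses the web emulator that ships with honeyd (path is install-dependent).
add winxp tcp port 80 "sh /usr/local/share/honeyd/scripts/web.sh"

# Decoy 2: a Linux host exposing only SSH, with a tarpitted SMTP port
# to slow down scanners that connect to it.
create linux
set linux personality "Linux 2.4.20"
set linux default tcp action reset
set linux default udp action reset
add linux tcp port 22 open
add linux tcp port 25 tarpit open

# Every unassigned address in the monitored range falls through to the
# "default" template; "block" makes them look like nothing is there.
create default
set default default tcp action block
set default default udp action block
set default default icmp action block

# Assumed addresses inside an otherwise unused range.
bind 10.0.0.201 winxp
bind 10.0.0.202 linux
```

Start it with something like `honeyd -d -f honeyd.conf -p nmap.prints -i eth0 10.0.0.0/24`, after `arpd 10.0.0.0/24` so the unused addresses answer ARP. Two caveats a practitioner should keep: put the honeypot on a segment from which it cannot reach production hosts, and treat everything the capture script writes as hostile (store samples by hash in a directory nobody executes from).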