New features include:
* Statistics Collector: A daemon that can process netflow-like information
exported by several Honeyd instances and do computations on the data - see
live data.
* Improved Subsystems: Improved support for subsystems permits running more
complicated UNIX applications like mwcollect as a subsystem for Honeyd.
* Proxy and SMTP subsystems: Example subsystems to simulate open proxies and
mail relays. These subsystems are written with performance in mind and have
no problem in keeping up with a busy network.
Bugfixes include:
A bug in Honeyd's IP reassembly code allows adversaries to remotely fingerprint
honeypots. Thanks to Jon Oberheide for finding the bug; see adv.2006-01 for
more information
Portelli with minor changes by me.
Honeyd is a small daemon that creates virtual hosts on a network. The hosts
can be configured to run arbitrary services, and their personality can be
adapted so that they appear to be running certain operating systems. Honeyd
enables a single host to claim multiple addresses - I have tested up to
65536 - on a LAN for network simulation. Honeyd improves cyber security by
providing mechanisms for threat detection and assessment. It also deters
adversaries by hiding real systems in the middle of virtual systems.
