Introduction

Questions developers, system administrators, researchers, and threat hunters ask:

1. Which honeypots, honeyclients and honeyports?
2. Which tools to integrate with?
3. What kind of attacks to capture?
4. What vulnerabilities to emit?
5. How hard must it be to detect it?

Wrong design decisions may result in collecting irrelevant information or even exposing the deception technology itself.

These writeups are my notes on the evolution and common problems with honeypots (end 2023).

• Tactics
• Taxonomies
• Roadmaps
• Detecting honeypots
• Avoiding honeypot detection