Home > IT-Tools > HoneyMole

HoneyMole

May 25th, 2007

The main goal of HoneyMole is to act as a completely Transparent Ethernet Bridge over TCP/IP, tunneling in a safe and easy way, network traffic to a remote location without the need of any kernel patches or modules, or even the need to hide routing in the honeypots.

It can be used to easily deploy honeypot farms of distributed honeypots, transporting network traffic to a central honeypot architecture where data collection and analysis will be done. It can also be used as a very simple and efficient VPN (Virtual Private Network) for any other purposes.

Deploying traditional honeypots and honeynets can be a problem if you have in mind that every honeypot you deploy means more work and resources required to maintain and analyze everything it collects. In the other hand the more honeypots you deploy, the more valid information you can collect.

Honeypot Farms are one way to solve this problem. A honeypot farm is nothing more then a several honeypots located in a single location. You then place redirectors anywhere you want in the world. The redirectors are nothing more then ´virtual honeypots´ that redirect traffic to the honeypot farm.

IT-Tools

Comments are closed.