Honeytrap – Trap attacks against tcp services

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information.

The applied model strictly distinguishes between data capture and attack analysis. The process of collecting information related to attacks is completely done within the core system. Further processing like automated analysis can be done with plugins which can be loaded dynamically during runtime. This guarantees expandability without the need of shutting down or even recompile the software.