Subject: [gentoo-user] Whats a good honeypot?
From: William Kenworthy
To: Gentoo Users
Date: Sat, 17 Sep 2011 19:14:06 +0800
Message-ID: <1316258046.7109.10.camel@moriah>

I am looking at using a honeypot for a research project - need to put something "safe" to attract packets, scans etc. I was thinking of a heavily stripped Gentoo VM (in VirtualBox) running honeyd, but the ebuild for honeyd is looking like it's getting quite old - according to the honeyd website it's 2007-05-27. Is there an alternative? I need to dump raw packets (pcap format) from an unprotected network connection but don't want to risk getting actually "hacked".

BillK