Honeypot
Victim machine used to draw in attacks
A honeypot is a system set up to draw in malware, spam and hacking attacks.
Any malware or spam that targets the honeypot can be gathered and analysed, either as part of a defence system, where data gleaned from the honeypot system is applied directly to filters protecting genuine systems, or simply for research purposes, where malware samples are gathered for security labs or product testing.
Honeypots often run real versions of the operating system being studied, typically with deliberately weak security - for example lacking security patches and firewalls. Such systems may even be set up to automatically browse websites and open email attachments, spoofing the activities of a real user. Such a honeypot is usually restored to a clean state at regular intervals, to ensure any infections do not interfere with continued operations of the trap.
Alternatively, a honeypot may be a more secure system running a virtual machine, or emulating the access points and responses of a vulnerable machine.
A honeypot dedicated to gathering spam messages is generally known as a spam trap.
