Data Control: How can I control what the bad guy is doing?
A critical element to most honeypots, especially Honeynets, is data control, the ability to contain the activity of a bad guy. The purpose of data control is to allow the attacker to gain access and control a honeypot, but not allow them to go back outbound and harm any non-honeypot systems. Some honeypots, mainly low interaction honeypots, do not require data control, as the honeypots do not allow attackers full access to the operating system. High interaction honeypots do require data control. Examples of data control would be a firewall allowing attackers inbound access to the honeypots (so they could attack them) but the same firewall would then block all outbound attacks from the honeypot. You can learn more about different data control solutions at the Honeynet Tools Page.
