Honeypot

Honeypot in large networks

Maintaining a honeypot in a large network: protecting the whole network with a single honeypot instance.


Concept



G - local gateway
V - Virtual IP in local subnet


Prepare the honeypot server in a separate LAN segment. Reserve one IP address in each subnet. On each router, create a virtual IP (destination NAT) for the reserved address that redirects traffic to the honeypot.
R1 LAN1 192.168.0.2 -> 192.168.100.10
R1 LAN2 192.168.1.2 -> 192.168.100.10
R2 LAN3 192.168.2.2 -> 192.168.100.10
R2 LAN4 192.168.3.2 -> 192.168.100.10

Any network scan that touches a reserved address (192.168.x.2) will be redirected to the honeypot.
One honeypot will monitor the whole network.
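
The mapping table above, turned into per-router destination NAT rules. This is an added example, not configuration from the original page. It assumes Linux routers running nftables, /24 subnets (the page states no masks), and that each router already answers for the virtual IP on its LAN interface. The table name "honeypot" and the log prefix are illustrative.

```python
import ipaddress

# Mapping lines copied from the page: router, LAN, virtual IP -> honeypot.
MAPPINGS = """\
R1 LAN1 192.168.0.2 -> 192.168.100.10
R1 LAN2 192.168.1.2 -> 192.168.100.10
R2 LAN3 192.168.2.2 -> 192.168.100.10
R2 LAN4 192.168.3.2 -> 192.168.100.10
"""
PREFIX_LEN = 24  # assumption: the page does not state the subnet masks


def parse(text):
    """Return {router: [(lan, virtual_ip, honeypot_ip), ...]} after sanity checks."""
    plan, seen = {}, set()
    for line in text.strip().splitlines():
        router, lan, vip, arrow, pot = line.split()
        if arrow != "->":
            raise ValueError(f"bad mapping line: {line!r}")
        vip, pot = ipaddress.ip_address(vip), ipaddress.ip_address(pot)
        net = ipaddress.ip_network(f"{vip}/{PREFIX_LEN}", strict=False)
        if vip in (net.network_address, net.broadcast_address):
            raise ValueError(f"{vip} is not a usable host address in {net}")
        if pot in net:
            raise ValueError(f"honeypot {pot} must sit outside monitored subnet {net}")
        if vip in seen:
            raise ValueError(f"virtual IP {vip} listed twice")
        seen.add(vip)
        plan.setdefault(router, []).append((lan, vip, pot))
    return plan


def nft_ruleset(router, entries):
    """Render one router's DNAT table; each hit is logged before translation."""
    out = [f"# {router}", "table ip honeypot {", "  chain prerouting {",
           # -100 is the standard destination NAT priority
           "    type nat hook prerouting priority -100; policy accept;"]
    for lan, vip, pot in entries:
        # Log first: after DNAT the honeypot no longer sees which virtual IP was probed.
        out.append(f'    ip daddr {vip} log prefix "honeypot {lan} " dnat to {pot}')
    out += ["  }", "}"]
    return "\n".join(out)


if __name__ == "__main__":
    for router, entries in parse(MAPPINGS).items():
        print(nft_ruleset(router, entries), end="\n\n")
```

The log statement on the router records which subnet's virtual IP was probed, since all four addresses arrive at the honeypot with the same destination after translation.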