Honeyd
Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet, for network monitoring, or as a spam trap. For *BSD, GNU/Linux, and Solaris.
http://www.citi.umich.edu/u/provos/honeyd/

Honeypots
Information covering intrusion detection and prevention systems, research and production honeypots, and incident handling. Also provides general overview of network security issues.
http://www.honeypots.net/

SourceForge.net: Project - HoneyView
A tool to analyze honeyd-logfiles of the honeyd-daemon. Generates graphical and textual results from queries against the logfile data.
http://sourceforge.net/projects/honeyview

Deception ToolKit (DTK)
A toolkit designed to make it appear to attackers as if the system running DTK has a large number of widely known vulnerabilities.
http://all.net/dtk/index.html

SecurityFocus: Dynamic Honeypots
Honeypots that dynamically learn your network then deploy virtual honeypots that adapt to your network.
http://www.securityfocus.com/infocus/1731

SecurityFocus: Fighting Internet Worms With Honeypots
This paper evaluates the usefulness of using honeypots to fight Internet worms and perform counterattacks.
http://www.securityfocus.com/infocus/1740

SecurityFocus: Honeytokens -The Other Honeypot
This paper discusses honeytokens, honeypots that are not computers, but rather digital entities that are stored in a restricted part of the network.
http://www.securityfocus.com/infocus/1713

An Evening with Berferd
A hacker is lured, endured, and studied. One of the first examples of a honeypot. First published in 1992.
http://all.net/books/berferd/berferd.html

SecurityFocus: Problems and Challenges with Honeypots
Article discussing issues with Honeypot technology, focusing on dealing with the possibility of your Honeypot being detected (and potentially abused) by an attacker.
http://www.securityfocus.com/infocus/1757

Honeypots: Monitoring and Forensics Project
Techniques, tools and resources for conducting Honeypot Research and Forensic Investigation. White papers include monitoring VMware honeypots, apache web server honeypots, and VMware honeypot forensics.
http://honeypots.sourceforge.net/

Honeypotting with VMware
An article about how to use VMware to produce honeypots to catch system intruders.
http://www.seifried.org/security/ids/20020107-honeypot-vmware-basics.html

Securityfocus: Fighting Spammers With Honeypots
This paper evaluates the usefulness of using honeypots to fight spammers.
http://www.securityfocus.com/infocus/1747

Talisker Security Wizardry: Honeypots
Describes different commercial and freeware honeypots.
http://www.securitywizardry.com/honeypots.htm

Back Officer Friendly
Created to detect when anyone attempts a Back Orifice scan against your computer. Also detects attempted connections to other services, such as Telnet, FTP, SMTP, POP3 and IMAP2.
http://www.nfr.com/resource/backOfficer.php

LaBrea Tarpit
A program that creates a tarpit or, as some have called it, a "sticky honeypot".
http://labrea.sourceforge.net/

SecurityFocus: Honeypot Farms
This article is about deploying and managing honeypots in large, distributed environments through the use of Honeypot Farms.
http://www.securityfocus.com/infocus/1720

Honeypot + Honeypot = Honeynet
Article discussing the creation of the Honeynet Project.
http://www.eweek.com/article2/0,4149,1244323,00.asp

SecurityFocus: Wireless Honeypots
Article discussing the use of honeypot technology to combat attacks on wireless networks.
http://www.securityfocus.com/infocus/1761

SecurityDocs - Honeypots
Directory of articles, white papers, and documents on honeypots and other security topics.
http://www.securitydocs.com/Intrusion_Detection/Honeypots

Honeynet.BR
Brazilian Honeypots Alliance. Includes tools to summaries honeyd logs, mydoom.pl (A perl script which emulates the backdoor installed by the Mydoom virus), and an OpenBSD LiveCD Honeypot.
http://www.honeynet.org.br/

Honeynet Security Console (HSC)
HSC is an analysis tool to view events on your personal honeynet. View and correlate events from Snort, TCPDump, Firewall, Syslog and Sebek logs.
http://www.activeworx.org/

SCADA HoneyNet Project
SCADA HoneyNet Project: Building Honeypots for Industrial Networks (SCADA, DCS, and PLC architectures).
http://scadahoneynet.sourceforge.net/

fakeAP
Generates thousands of counterfeit 802.11b access points for use as part of a honeypot or to confuse Wardrivers, NetStumblers, Script Kiddies, and other undesirables.
http://www.blackalchemy.to/project/fakeap/

Honeywall CDROM
A honeynet gateway on a bootable CDROM.
http://www.honeynet.org/tools/cdrom/

Know Your Enemy: GenII Honeynets
An Introduction to second generation honeynets (honeywalls).
http://www.honeynet.org/papers/gen2/

Basted
A program that acts as a honeypot for spammers who use spambots to harvest email addresses from Web sites.
http://basted.sourceforge.net/

Impost
Impost can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients; or it can operate as a packet sniffer and monitor incoming data to specified destination port supplied by the command-line arguments (pre-release version available).
http://impost.sourceforge.net/

WebMaven (Buggy Bank)
WebMaven is an intentionally broken web application. It is intended to be used in a safe legal environment (your own host) as a training tool, as a basic benchmark platform to test web application security scanners and as a Honeypot.
http://www.mavensecurity.com/webmaven

spank
A collection of programs to deploy, run and analyse network and host simulations in IP networks.
http://spank.sourceforge.net/

SecurityFocus: Defeating Honeypots - Network issues, Part 1
Article discussing methods hackers use to detect honeypots.
http://www.securityfocus.com/infocus/1803

Spanish Honeynet Project
Independent non-profit research organization of security professionals dedicated to information security focused on honeynet technologies.
http://www.honeynet.org.es

The Team Cymru Darknet Project
A Darknet is a portion of routed, allocated IP space in which no active services or servers seemingly reside. However, there is in fact include at least one server for real-time analysis or post-event network forensics.
http://www.cymru.com/Darknet/

Spampoison
Website set up to deliver almost infinite numbers of bogus email addresses to email harvesting bots.
http://www.spampoison.com/

Installing a Virtual Honeywall using VMware
This paper explains how to go about configuring VMware to deploy a Honeywall, combining the advantages offered by the Honeywall CDROM and the virtual environments.
http://www.honeynet.org.es/papers/vhwall/

Building a GenII Honeynet Gateway
This is a short guide to build a GenII Honeynet Gateway, also called a Honeywall, under Linux, broaching the most common problems and providing several solutions and tips.
http://www.honeynet.org.es/papers/honeywall/

Project Honey Pot: Distributed Spam Harvester Tracking Network
A free, distributed, open-source project to help website administrators track, stop, and prosecute spam harvesters stealing email addresses from their sites.
http://www.projecthoneypot.org/

Honeyd Control Center
Honeyd configuration wizard, a SQL Interface, and reports.
http://zope.org/Members/Ioan/HoneydCenter

Sombria Honeypot System
A honeypot system and "Honeypot Exchange Program."
http://www.lac.co.jp/business/sns/intelligence/sombria_e.html

Honeypotting: The Complete Documentation
Index of over 75 papers on Honeypots.
http://l0t3k.org/security/docs/honeypotting/en/

GHH - The "Google Hack" Honeypot
GHH emulates a vulnerable web application by allowing itself to be indexed by search engines. It is hidden from casual page viewers, but is found through the use of a crawler or search engine.
http://ghh.sourceforge.net/

SecurityFocus: Defeating Honeypots: System Issues, Part 1
This two-part paper discusses how hackers discover, interact with, and sometimes disable honeypots at the system level and the application layer.
http://www.securityfocus.com/infocus/1826

thp - Tiny Honeypot
A simple honey pot program based on iptables redirects and an xinetd listener.
http://www.alpinista.org/thp/

Know your Enemy: Phishing
This white paper aims to provide practical information on the practice of phishing and draws on data collected by the German Honeynet Project and UK Honeynet Project.
http://www.honeynet.org/papers/phishing/

mwcollect
A solution to collect worms and other autonomous spreading malware in a non-native environment like FreeBSD or Linux. Some people consider it a next generation honeypot, however computers running mwcollect cannot actually be infected with the malware.
http://www.mwcollect.org

Honeybee
A tool for semi-automatically creating emulators of network server applications.
http://www.thomas-apel.de/honeybee/

KeyFocus - KF Sensor - Honey pot IDS
A Windows honeypot designed to attract and detect hackers by simulating vulnerable system services and trojans.
http://www.keyfocus.net/kfsensor/

The Strider HoneyMonkey Project
Microsoft Research project to detect and analyze Web sites hosting malicious code using client-side honeypots.
http://research.microsoft.com/HoneyMonkey/

Honeypots: Tracking Hackers
White papers, mailing list and other resources related to honeypots.
http://www.tracking-hackers.com/

Philippine Honeynet Project, Philippines
Philippine Honeynet Project. Includes transcript of a VMWare Honeynet using Windows XP / Windows 2000 as the base OS.
http://www.philippinehoneynet.org

Anton Chuvakin Honeynet Reseach and Live Stats
Live honeynet data, papers produced as a result of the honeynet research and other honeypot and honeynet related resources.
http://www.chuvakin.com/honeynet/

SécurIT
LogIDS, LogAgent, SécurIT Intrusion Detection Toolkit, and ComLog (a cmd.exe wrapper)
http://securit.iquebec.com/

Netbait
Netbait Commercial Honeypot.
http://www.netbaitinc.com

The Portuguese Honeynet Project
Information on their honeypot farm using HoneyMole.
http://www.honeynet-pt.org

Nepenthes
A low interaction honeypot designed to emulate vulnerabilties worms use to spread, and to capture these worms.
http://nepenthes.mwcollect.org/

Medium Interaction Honeypots
Document outlines the weaknesses of different existing approaches to catch malware – especially bots – and shows how Medium Interaction Honeypots solves these problems.
http://www.pixel-house.net/midinthp.pdf

UK Honeynet Project
Provides information surrounding security threats and vulnerabilities active in the wild on UK networks. Home of Honeysnap, tool to analyse Honeywall pcap files and extract summary information.
http://www.ukhoneynet.org/

The Bait and Switch Honeypot System
A system that redirects all hostile traffic from your production systems to a honeypot that is a partial mirror of your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data.
http://baitnswitch.sourceforge.net/

Honeyblog
A weblog about with IT-security, honeypots, and honeynets.
http://honeyblog.org/

Know Your Enemy: Learning more about phishing
A detailed analysis of phishing through compromised web servers.
http://www.honeynet.org/papers/phishing/details/index.html

SecurityFocus: Microsoft looks to "monkeys" to find Web threats
Article discussing how Microsoft have developed a series of Windows XP clients, dubbed "honeymonkeys", that crawl the Web finding sites that use unreported vulnerabilities to compromise unsuspecting users.
http://www.securityfocus.com/news/11173

Honeyclient Development Project
Honeyclient news, downloads, and information.
http://www.honeyclient.org/trac

Open Proxy Honeypot
Web Application Security Consortium Distributed Open Proxy Honeypot Project.
http://www.webappsec.org/projects/honeypots/

Deploying and Using Sinkholes
Configuring and deploying Sink Hole Routers, which are the network equivalent of a honey pot.
http://www.arbornetworks.com/dmdocuments/Sinkhole_Tutorial_June03.pdf

Honeycomb
A system for automated generation of signatures for network intrusion detection systems (NIDSs).
http://www.cl.cam.ac.uk/~cpk25/honeycomb/index.html

Chinese Honeynet Project
The Artemis Project (Chinese Honeynet Project).
http://www.honeynet.org.cn

Honeynet.org: Tracking Botnets
Paper on the use of honeynets to learn more about botnets. Covers uses of botnets, how they work and how to track them.
http://www.honeynet.org/papers/bots/

Client honeypot / honeyclient
Wikipedia article on client honeypots.
http://en.wikipedia.org/wiki/Client_honeypot_/_honeyclient

HoneyC Low-Interaction Client Honeypot
A platform independent low interaction client honeypot that allows identify rogue servers on the web.
https://projects.honeynet.org/honeyc/

Honeywall
The Honeywall CDROM is a bootable CD that installs onto a hard drive and comes with all the tools and functionality for you to implement data capture, control and analysis.
https://projects.honeynet.org/honeywall

Capture
A high interaction client honeypot. A client honeypot is a security technology that allows one to find malicious servers on a network.
https://projects.honeynet.org/capture-hpc

HoneyBOT
A free windows based medium interaction honeypot solution.
http://www.atomicsoftwaresolutions.com/honeybot.php

New Zealand Honeynet project
Papers and information on honeypots, especially application layer, e.g. PHP applications, from the New Zealand branch of the Honeynet project (http://www.honeynet.org/).
http://www.nz-honeynet.org

MITRE Honeyclient Project
The first open source client honeypot.
http://www.honeyclient.org

NoAH
European Network of Affiliated Honeypots.
http://www.fp6-noah.org/

MicroSolved, Inc.
Seller of HoneyPoint family of products.
http://microsolved.com/