Skip to main content



Find us on

facebook youtube flickr twitter itunes u logo

Upcoming Events

Sal Stolfo

Salvatore J. Stolfo Columbia University
A Brief History of Symbiote DefenseTuesday, October 31st
Rockefeller 003
5:00 PM

 Fright Night Imge

Wanna See Something REALLY Scary?
ISTS Looks at the Dark Web on Halloween Night
Tuesday, October 31st
Sudikoff  045 Trust Lab (dungeon)
7:30 PM - RSVP
Space is Limited 


Recent Talks

Dan Wallach

STAR-Vote: A Secure, Transparent, Auditable and Reliable Voting System

Professor Dan Wallach
Rice University
Thursday April 27, 2017
Carson L01, 5:00 PM

Ben Miller Dragos

Pandora's Power Grid - What Can State Attacks Do and What Would be the Impact?

Ben Miller
Chief Threat Officer, Dragos, Inc.
Tuesday May 2, 2017
Kemeny 007, 4:30 PM
Brendan Nyhan




Factual Echo Chambers? Fact-checking and Fake News in Election 2016.

Professor Brendan Nyhan
Dartmouth College
Thursday May 4, 2017
Rocky 001, 5:00 PM

Dickie George


Espionage and Intelligence

Professor Dickie George
Johns Hopkins University
Thursday May 11, 2017
Rocky 001, 5:00 PM

Dan Wallach

A Nation Under Attack: Advanced Cyber-Attacks in Ukraine

Ukrainian Cybersecurity Researchers
Thursday April 6, 2017
Oopik Auditorium 5:30 PM

ISTS Information Pamphlet



Institute for Security, Technology, and Society
Dartmouth College
6211 Sudikoff Laboratory
Hanover, NH 03755 USA

User Mode Linux (UML)/HoneyNet

Project Summary

Law enforcement consistently requests more comprehensive data on electronic crime to combat existing threats and become aware of new trends. The User mode Linux Operating environment is the software and operating system technology behind the ISTS Honeynet project, which addresses this need. The project strives to provide easily installed software-only emulation of a complete computer running on the Linux operating system. The honeynet effort is focused on turning UML into a production honeypot system.

The UML Honeypot enhancements developed at ISTS have supported many honeynet deployments, although, for many reasons, privacy concerns not being the least of them, most sites prefer to analyze their data in-house and only make public high-level abstractions and certain supporting details. In response to this trend, the ISTS Distributed Honeypot System project will continue to build upon the foundations laid by the UML Honeypot development and further automate the deployment and management of large numbers of honeynets.

Tiny Honeypot, originally developed independent of ISTS by George Bakos, has become an important component of the ISTS Honeypot toolkit where a lightweight service emulator is needed. It can be rapidly configured to capture new worms and other automated attacks, and has been key in the capture and analysis of several Internet-wide events, including Calypso, Nachia, Sapphire and SQL Snake.

Last Updated: 9/11/12