The Georgia Institute of Technology has used so-called honeypots toon the university's network in the past six months, security researchers revealed in a paper published online. The project used a simple network of heavily monitored computers to detect attacks at the school of 15,000 students and some 30,000 networked devices. Earlier this year, the university discovered that from an unprotected server; whether the honeypots were used to detect the intrusion isn't clear.
Several of the compromised machines on the network executed automated worm-like attacks against the network of honeypots, or honeynet, enabling the researchers to detect the attack. In another incident, an attacker used a student's computer to launch intrusions into other systems; the honeynet was among them. The researchers recommend that large organizations use honeypots to detect attacks that might otherwise get lost in the masses of data produced by companies.