This document discusses honeypots, which are decoy computer systems used to detect attacks. Honeypots have several advantages, including collecting small but high-value data, requiring minimal resources, and working in encrypted or IPv6 environments. Two specific honeypot tools discussed are Honeyd, an open source low-interaction honeypot that can emulate many operating systems and services, and honeynets, which are entire networks of high-interaction honeypots used to capture extensive attacker activity. The document compares several honeypot products and outlines first and second generation honeynet architectures.