Spitzner writes: “There is still a great deal of confusion about what a honeypot is and its impact on the security community. I hope this book changes that.” He is right to note that there is confusion, but happily, his book helps to remove it. The book is a pleasant combination of enthusiasm about the technology and realism with respect to its shortcomings.

The author suggests that the intended audience for the book consists of security professionals, but this is too modest; the book will be appreciated by a far wider audience. The author somehow succeeds in writing about a technically challenging topic, while telling a story you can follow without understanding every detail.

The book describes what honeypot technology is, and what it can and cannot do. Readers get a tour of the six most prominent honeypot packages, both free and commercial. There is plenty of information to help you decide if you want to deploy a honeypot yourself. If you do decide to deploy one, the book helps you to understand what it takes to operate it.

The author shares his enthusiasm, but never hides or minimizes the drawbacks and problems. One of these problems is legal. The legality of honeypots casts a shadow over the use of the technology. The discussion of this subject gets its own chapter.

The book is accompanied by a useful CD. As well as software packages to get users started, this includes papers, attack scans, and their analysis. While it would be possible to read the book in a day, you could also immerse yourself in it for weeks.

Security knowledge has much in common with military knowledge. It is important to know your enemy. The security community has been in a vulnerable position here, needing to study the enemy in action. Research honeypots are providing us with invaluable information. Hackers have been proudly sneaking into our systems. Following the publication of this book, they will have to watch their backs. They may be the mice in a honeypot lab.