Evolutions in the honeypot/honeynet arena
Traditionally a honeypot was a (somewhat) vulnerable system that you let get infected in order to learn something from it. This newer breed is more of an automated system to catch malware without getting the system infected.
mwcollect is an automated downloader of malware.
Along the same lines is nepenthes, a system that emulates known vulnerabilities in order to catch the exploits thrown at it.
Argos is a system designed to detect arbitrary control flow and arbitrary code execution attacks. It is built on top of QEMU for the emulation of x86 processors.