Although internet worms and ddos tools cause serious problems to the internet infrastructure during this period, the detection of such issues is not our main goal. We are more interested in observing the techniques deployed by the dedicated criminal hacker who has a specific target. With this point of view we hope that a honeynet will answer questions such as: how easily firewalled networks are penetrated, how long hackers stay within them, do they use special ways of communication to avoid being caught such as covert communication channels and more …