When creating and maintaining a honeypot in a production environment, be aware that potential privacy (of the hacker) and liability (if the hacker uses your honeypot to launch an attack) issues could exist. Most people—including lawyers who've examined the situation—don't think a honeypot administrator would be liable for much, if anything. But I'd be remiss if I didn't mention this consideration because the liability issue is untested in the U.S. court system. Thus, you might want to obtain legal advice before placing a honeypot or any other monitoring tool in a production environment. For more information about possible legal concerns, go to http://www.honeypots.net/honeypots/links and search on the keyword legal.