Hi
I'm in search of a method to test an customized application that scans the traffic and detects p2p packets, then it builds a set of connections of possible malicious nodes, botnets in particular.
I need data to write an essay in order to guarantee the efficiency of the program. Which tools are required? I found this project http://ghh.sourceforge.net/gettingstarted.php that seems to requires a web server and few others passages, while the honeynet project https://www.honeynet.org/ has a long procedure. What are the main differences?
Is the honeypot the best method to perform my purpose or are there easier ways?