Hehehe sorry I will be more specific, by a few I don't mean I have been randomly scanning subnets attempting to find some tarpits.

Basically a friend of mine works for an it company and they have deployed tarpits to some of their clients who are using linux firewalls (instead of cisco pix's or the like).

After talking with the customers we decided it would be good to test these systems and find any problems now before their deployed.

After scanning them I have read up on the technology and setup a system on my local network with a tarpit to test with.

Honeypots wouldn't throw off the same results, they are just there pretending to be other machines and services to trap hackers, where as tarpits are ports which will allow a few packets through the firewall to act like a service is running on that port then drop the window size on the pack to zero effectively forcing that connection open.

Memnoch