This document outlines the fundamental elements of the design of a high-interactive Honeypot system for the iPhone 3G/S, intended to identify the activities and motives of malicious users who attempt to compromise the security of mobile technologies.
A high-interactive Honeypot is a trap set to detect and observe attempts at unauthorised use of information systems. It consists of a device that appears to be part of a network but is in fact isolated, vulnerable and monitored. By taking this concept and applying it to a Smartphone device, it is possible to allow attackers to fully compromise the device while collecting important information on the techniques and tactics used to gain unauthorised access.
The project aims to take a novel approach by developing a three-part application for the iPhone 3.1.2 OS. The three parts aim to (1) intercept and record network connection activity, (2) simulate the OpenSSH service to capture and record the entire interactive session and (3) covertly send the collected data to a secure remote location for analysis. By capturing this data, it will be possible to determine the origin, the tools and techniques used and the motives behind the attack.
By default, jailbroken [5, 6] iPhones install OpenSSH. OpenSSH is a remote login service which is configured for remote access by the user “root”. This account has a default password of “alpine”. By exploiting this fact, it is possible to construct a small private network which exposes the iPhone device to the Internet on port 22 (OpenSSH) with the use of a static address. It is important not to advertise the system as vulnerable, as this may suggest the use of a Honeypot system.
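As an added illustration of the first component (recording connection activity on the exposed port 22), not code from the project itself: a C routine that classifies one raw Ethernet frame, of the kind a libpcap capture callback would hand over, and extracts the source of each new SSH connection attempt. The record layout, the function name and the sample frame (checksums left at zero) are assumptions constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical log record for one inbound SSH connection attempt. */
struct ssh_attempt { uint8_t src_ip[4]; uint16_t src_port; };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Classify one Ethernet frame as a capture callback would receive it.
 * Returns 1 and fills *out for a TCP SYN (ACK clear) to port 22,
 * 0 for other traffic, -1 for a truncated or malformed frame. */
int classify_frame(const uint8_t *f, size_t len, struct ssh_attempt *out)
{
    if (len < 14) return -1;                        /* Ethernet header */
    if (be16(f + 12) != 0x0800) return 0;           /* not IPv4 */
    const uint8_t *ip = f + 14;
    size_t ip_len = len - 14;
    if (ip_len < 20 || (ip[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;        /* includes IP options */
    if (ihl < 20 || ip_len < ihl) return -1;
    if (ip[9] != 6) return 0;                       /* not TCP */
    if (be16(ip + 6) & 0x1fff) return 0;            /* later fragment: no TCP header */
    if (ip_len - ihl < 20) return -1;               /* TCP header cut short */
    const uint8_t *tcp = ip + ihl;
    if (be16(tcp + 2) != 22) return 0;              /* destination port */
    if ((tcp[13] & 0x12) != 0x02) return 0;         /* want SYN without ACK */
    for (int i = 0; i < 4; i++) out->src_ip[i] = ip[12 + i];
    out->src_port = be16(tcp);
    return 1;
}

/* Constructed sample: SYN from 203.0.113.5:40000 to 192.0.2.10:22. */
static const uint8_t sample_syn[54] = {
    0,0,0,0,0,1, 0,0,0,0,0,2, 0x08,0x00,                 /* Ethernet */
    0x45,0x00,0x00,0x28, 0x00,0x00,0x40,0x00,            /* IPv4 */
    0x40,0x06,0x00,0x00, 203,0,113,5, 192,0,2,10,
    0x9c,0x40,0x00,0x16, 0,0,0,1, 0,0,0,0,               /* TCP */
    0x50,0x02,0xff,0xff, 0,0,0,0
};

int main(void)
{
    struct ssh_attempt a;
    if (classify_frame(sample_syn, sizeof sample_syn, &a) == 1)
        printf("SSH attempt from %d.%d.%d.%d:%d\n", a.src_ip[0], a.src_ip[1],
               a.src_ip[2], a.src_ip[3], a.src_port);
    return 0;
}
```

Logging only SYN segments without ACK records each new inbound connection once, rather than once per packet of the session.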
The challenges faced are the appropriate methods and techniques used to:
- Simulate an OpenSSH service and record all session related activity
- Intercept and record all network communication to and from the iPhone
- Covertly store all collected data to a secure remote system for analysis
- C Programming
Programming Tools:
- iPhone OS
- Eclipse IDE / XCode
- iPhone SDK
- Static Address
- Network router (with firewalling capabilities)
- Unmanaged network switch
- iPhone 3G/S running jailbroken iPhone OS 3.1.2
- Libpcap 1.1.1
Learning Challenges:
- C Programming on iPhone OS Architecture
References:
[1] The Official Honeynet Project, http://www.honeynet.org
[2] Mohonk: Mobile honeypots to trace unwanted traffic early, B. Krishnamurthy, AT&T Labs-Research
[3] Sebek, The Honeypot Project, http://www.honeynet.org/project/sebek
[4] Honeypot (computing), http://en.wikipedia.org/w/index.php?title=Honeypot_(computing)&oldid=348990142 (last visited Apr. 11, 2010).
[5] iPhone Dev Team Blog, http://blog.iphone-dev.org/post/376648600/pre-game-show
[6] Blackra1n, Application to jailbreak iPhones for Windows and Mac, http://blackra1n.com
[7] OpenSSH on iPhone, http://www.appleiphoneschool.com/openssh/
[8] Default root password on iPhones, http://www.mydigitallife.info/2007/08/12/apple-iphone-root-password-and-mobile-user-password/
[9] Universal TUN Driver (developed as an EKM) for the iPhone, http://www.hackint0sh.org/f126/10368.htm
[10] iPhone Software Development Kit (SDK), http://developer.apple.com/iphone/index.action
[11] TCP Dump / Libpcap Library, http://www.tcpdump.org