SPECTER is a smart honeypot-based intrusion detection system. It simulates a vulnerable computer, providing an interesting target to lure hackers away from the production machines. SPECTER offers common Internet services such as SMTP, FTP, POP3, HTTP and TELNET which appear perfectly normal to the attackers but in fact are traps for them to mess around and leave traces without even knowing that they are connected to a decoy system, which does none of the things it appears to do, but instead logs everything and notifies the appropriate people. Furthermore, SPECTER automatically investigates the attackers while they are still trying to break in. SPECTER provides massive amounts of decoy content including images, MP3 files, email messages, password files, documents and all kinds of software. It dynamically generates decoy programs that will leave hidden marks on the attacker’s computer. Automated online updates of the system’s content and vulnerability database allow the honeypot to change constantly without user interaction. And last but not least, the brand-new WATCHER module introduced in version 8.0 allows SPECTER to function as the ultimate tripwire by detecting every ICMP packet, every TCP connection and every UDP datagram, on every port.