St. Lawrence University

Mathematics, Computer Science & Statistics

Amy Earl
Advisor: Dr. Brian C. Ladd
Honor Theses Spring 2005

"Honeynets As An Effective Prevention Mechanism Against Internet Worms"

Abstract: To protect local networks from becoming infected by Internet worms, administrators have developed a tool called an Intrusion Detection System (IDS) to detect intrusions and generate alerts. These systems have not been significantly successful in slowing a worm's propagation at the Internet level because of the time required to react to the worm's presence and take the next step to quarantine it. What is needed is an automated prevention mechanism that will respond nearly instantaneously to a worm's intrusion and halt its propagation through the network. A recently developed architecture called a honeypot has the potential to perform this function. A honeypot is a vulnerable system on a network that waits to be attacked by malicious agents. When several honeypots are joined together to create a honeynet, the resulting structure becomes a valuable tool to intercept worms as they enter the local network. This honors project consists of building a virtual honeynet on a test network and analyzing its ability to prevent a worm from spreading on the network. This paper includes an overview of Internet worms, honeynets and IDSs, a detailed methodology of the experiment, and an analysis of the effectiveness of honeynets to protect network resources from worms.

Table of Contents
1. Introduction
1.1 Internet Worms
1.2 Introduction to Network Communication
1.3 How Worms Work
1.4 History and Taxonomy
1.5 Example: MSBlast

2. Security Policy
2.2 Intrusion Detection Systems
2.3 Example of an IDS: Snort

3. Introduction to Honeypot Technology
3.1 Definition of Honeypot
3.2 Virtual Honeypots
3.3 Honeynets

4. Previous Work With Honeynets Against Internet Worms
4.1 LaBrea Tarpit
4.2 Honeyd

5. Experiment Objective and Methodology
5.1 Network Topology
5.2 Software
5.3 Communication of the Test Network
5.4 Infection and Reaction

6. Conclusion
6.1 Evolution of the Experiment
6.2 Assessment of the Honeynet as a Supplementary Security Tool

Updated: 8/20/05