Every computer connected to a wide computer network is vulnerable to the occurrence of data, information, resources and services that exist in the system from actions such as intrusion, wiretapping, theft and misuse of important data to damage to network systems, which are carried out by irresponsible intruders, wiretapping, theft and misuse of important data by individuals, groups, within a company/government agency or private sector, even damage to computer network systems may occur. in a company, which is done by an intruder or attacker who is not responsible. Honeypot honeyd is a method that can be applied, implemented in medium to large scale companies, especially those that have implemented computer-based systems and technology, to prevent, anticipate bad actions before they occur and take quick action when bad impacts occur. Honeypot honeyd with low-interaction, which is to interact indirectly with the attacker, because honeyd positions itself as a bait or a shadow server that is deliberately attacked so that the results of the attack can be known and analyzed. In this research, honeyd honeypot is a shadow server that resembles a real server, which has several services along with ports that are deliberately opened for attack. The results of this research can be seen that there is an infiltration or direct attack, seen from the increase in network traffic above normal on the monitor system, and also can be seen log files from Honeyd in detail what the attackers have done or are currently doing to be analyzed and then take precautions, anticipation, socialization of security in carrying out activities that are directly related to the outside world through the network, improving both servers, network systems and existing services. Thus the honeyd honeypot can help save important data, resources and can improve computer network security systems.