I have a red herring set up on one of my clients' network. The entire network is nice and secure, but I set up a virtual machine with several common remote access ports open. I have installed Radmin, VNC, TeamViewer, Wallcooler, and a few other remote access servers without any password connection. To some unscrupulous soul snooping around, it's probably too good to pass up. The VM is set to log any connections, and pull as much info as possible. As well, there's really nothing anyone can do once they connect, since it's just a frozen desktop in kiosk mode on a VM on a throwaway PC that's relatively isolated from the network and set to disconnect from the network 30 seconds after a connection is made. All would-be invaders see is...
This Network Is
Protected By Gus