OpenCanary is a daemon that runs simulated network services called canaries to trigger alerts when they are accessed. It supports various protocols including SSH, FTP, HTTP, and databases. The alerts can be sent to syslog, email, or a correlator daemon. Canary Tokens generates unique identifiers that can be embedded in files, databases, processes, and transactions to detect unauthorized access like web bugs track email opens. It allows implanting traps in production systems rather than using separate honeypots.