October 13, 2021

Build my own honeypot

Hello, I want to create my own honeypot without a monitoring tool like tpotce would that be possible?

If so how would I make a start to it as I personally cannot find anything online and I would appreciate it if someone could help me out here.

Thanks In advance guys!

Comments

elatllat

Yes.

First log all traffic to all ports of a public IP. You will get a huge list of IPs vuln scanning. Any IP hitting the server ~10k or more times a month is not playing nice.

Next is app logging, for each port setup the common app and check the logs for anything more than just scanning (password guessing, protocol fuzzing, etc).

Be sure the server is isolated with an IDS so you don’t facilitate any malice.

The last thing to do is get more tricky with the pot by tempting the actor to share an email, or faking a data leak to see how they want payment.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.