
A honeypot is bait: a system whose purpose is to attract an attacker and be attacked.
Honeypots are usually deployed to study the attacker’s activity on the network, in order to build stronger defenses, understand the attack strategy, determine the attacker’s means, and so on.

• A honeypot carries no valuable data because it is a fake host. When it is attacked, it registers the attack and records all of the attacker’s actions. A honeypot can be a full-fledged operating system that emulates an employee’s workstation or a server, or it can be a single standalone service.

There are three common types of honeypots:
• Low-interaction honeypots. These traps simulate services such as Telnet, SSH and web servers. An attacker or attacking system mistakes the honeypot for a real vulnerable system and installs the payload.
• Medium-interaction honeypots also simulate vulnerable systems, but they are more functional than the simplest traps.
• High-interaction honeypots. These are real systems that require additional steps on the part of the administrator to limit malicious activity and avoid compromising other systems. Their advantage is that they can run on a POSIX-compliant system. This means that attempts to identify honeypot hosts using techniques that low-interaction honeypots do not yet emulate will not work against such a trap, and attackers will be convinced that they have hit a real device.
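
A low-interaction trap of the first kind above, as an added example (not code from this page or from any project it lists): a fake Telnet login that always refuses and records a timestamp, the source IP, the username and the password. Port 2323, the log file name and all function names are assumptions made for this example.

```python
import json
import re
import socketserver
from datetime import datetime, timezone

LOG_PATH = "telnet-honeypot.jsonl"  # assumed file name for this example
MAX_FIELD = 256  # cap per answer so a client cannot make us buffer unbounded data
# Telnet option negotiation (IAC WILL/WONT/DO/DONT <opt>) and subnegotiation blocks
IAC_SEQ = re.compile(rb"\xff[\xfb-\xfe].|\xff\xfa.*?\xff\xf0", re.DOTALL)


def read_field(rfile):
    """Read one answer, strip Telnet negotiation bytes and the line ending."""
    raw = rfile.readline(MAX_FIELD)
    return IAC_SEQ.sub(b"", raw).rstrip(b"\r\n\x00").decode("latin-1")


def fake_login(rfile, wfile, peer_ip):
    """Show a login prompt, always refuse, and return the captured attempt."""
    answers = []
    for prompt in (b"login: ", b"Password: "):
        wfile.write(prompt)
        wfile.flush()
        answers.append(read_field(rfile))
    wfile.write(b"\r\nLogin incorrect\r\n")
    wfile.flush()
    ts = datetime.now(timezone.utc).isoformat(timespec="seconds")
    return {"ts": ts, "ip": peer_ip, "username": answers[0], "password": answers[1]}


def to_log_line(record):
    # JSON escapes control characters, so attacker-supplied text cannot forge log lines
    return json.dumps(record, sort_keys=True)


class Handler(socketserver.StreamRequestHandler):
    timeout = 15  # seconds; idle clients are dropped
    def handle(self):
        try:
            record = fake_login(self.rfile, self.wfile, self.client_address[0])
        except OSError:
            return  # client timed out or reset the connection
        with open(LOG_PATH, "a", encoding="utf-8") as log:
            log.write(to_log_line(record) + "\n")


if __name__ == "__main__":
    # Port 2323 is an arbitrary unprivileged port chosen for this example
    with socketserver.ThreadingTCPServer(("0.0.0.0", 2323), Handler) as srv:
        srv.serve_forever()
```

Nothing the client sends is ever executed or echoed into a shell; the only state kept is one JSON line per attempt.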

Below is an excellent list of honeypots; a detailed description of each can be found at the links below:

• Awesome honeypots – A huge categorized list of manuals, instructions, tools and honeypots.

• telnetlogger — Telnet logger, writes login-password + IP address pairs to the log. Requires no extra settings.

• SSH Honeypot – Logs IP, username and password. Each entry is marked with a timestamp (unlike the Telnet logger).

• Honeypots – 25 different honeypots: dns, ftp, httpproxy, http, https, imap, mysql, pop3, postgres, redis, smb, smtp, socks5, ssh, telnet, vnc, mssql, elastic, ldap, ntp, memcache, snmp, oracle, sip and irc.

• Chameleon – 19 configurable honeypots for monitoring network traffic, bot activity, and credentials.

• HoneyDrive – Linux distribution, virtual machine image (OVA) with Xubuntu Desktop 12.04.4 LTS installed. It contains over 10 pre-installed and pre-configured honeypots.

• Conpot – A server-side, low-interaction honeypot for industrial control systems, designed to be easily deployed, modified, and expanded.

• Dionaea – This honeypot’s task is to trap malware so that researchers can obtain samples of it.

The Cyber Army of Russia

About Post Author

Treadstone 71

@Treadstone71LLC Cyber intelligence, counterintelligence, Influence Operations, Cyber Operations, OSINT, Clandestine Cyber HUMINT, cyber intel and OSINT training and analysis, cyber psyops, strategic intelligence, Open-Source Intelligence collection, analytic writing, structured analytic techniques, Target Adversary Research, cyber counterintelligence, strategic intelligence analysis, estimative intelligence, forecasting intelligence, warning intelligence, threat intelligence