In this post, I will list multi-protocol honeytops that support protocols like HTTP, HTTPS, FTP, SSH, etc.
– Some have built-in analytics to track and analyze activities in the honeypot, but they don’t compare in complexity to the cheating systems reviewed a few days ago.
1. Dionaea
A multi-protocol honeypot that covers everything from FTP to SIP (VoIP attacks). Dionaea has a modular architecture and uses Python for protocol simulation. It can simulate the execution of a malware load using LibEmu .
2. HoneyHTTPD
– A tool for creating web honeypots based on Python. It allows you to easily set up fake web servers and web services, respond at the HTTP protocol level with the necessary data, and log requests sent to the server.
3. DDoSPot
A UDP-based honeypot is distributed to track and monitor DDoS attacks. Simulates DNS, NTP, SSDP, CHARGEN, random UDP servers.
4. medusa
A fast and secure multi-protocol honeypot that can emulate ssh, telnet, http, https or any other tcp as well as udp servers.
5. Masscanned
It is a low interaction bait that targets web crawlers and bots. It responds to their requests using different protocols. It integrates with IVRE and allows you to collect IP blacklists, similar to what GreyNoise does.
We See What Others Cannot