-
Notifications
You must be signed in to change notification settings - Fork 15
Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner
License
GPL-2.0, GPL-2.0 licenses found
Licenses found
GPL-2.0
LICENSE
GPL-2.0
COPYING
armedpot/honeytrap
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
README Honeytrap is a network security tool written to observe attacks against TCP or UDP services. It runs as a daemon and starts serv- er processes dynamically on requested ports. A server emulates a well-known service by simply sending captured network traffic to a connected host. Many clients and particularly attackers will be fooled and send responses to a honeytrap server process. The arriving data is as- sembled to a string and written to a database file. Such a string is called an attack string. Honeytrap can parse an attack string for commands advising the server to download a file from another host. If a download com- mand is found, the server tries to retrieve the corresponding file automatically. A downloaded file is stored locally with an md5 checksum in its name. Currently, only ftp and tftp are sup- ported. Honeytrap implements its own clients with the aim to be- have as similar as possible than Windows systems. Http URIs are recognized and logged. A http download routine may be added in future releases. INSTALLATION Installation of honeytrap is pretty straight forward. Just do a './configure --with-stream-mon=<type> && make && make install' where '<type>' is the connection monitor type of your choice. Please refer to the INSTALL file and to the output of './config- ure --help' for further information. WARNINGS Honeytrap is a low-interactive honeypot and therefore detectable. It is written in C and thus potentially vulnerable to buffer overflow attacks. Take care. Running in mirror mode is dangerous. Attacks may be directed to the attacker, appearing to come from your system. Use with caution. The program needs root privileges, but only for binding server processes to well-known ports. Use the -u and -g command line op- tions to drop privileges and switch to another user and group as early as possible. CONTACT If you have problems, questions, ideas or suggestions, please contact me at <[email protected]>. If you would like to help making honeytrap better, you are welcome.
About
Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner
Resources
License
GPL-2.0, GPL-2.0 licenses found
Licenses found
GPL-2.0
LICENSE
GPL-2.0
COPYING
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published