Skip to content

Honeypot

Installation

Debian 

sudo apt install ./intrudect-honeypot-x.y.z.arch.deb

Red Hat 

sudo dnf install ./intrudect-honeypot-x.y.z-0.arch.rpm

Configuration

The initial example (not default) configuration for Honeypot can be created in the web application under Agents > Add new honeypot. After saving and downloading it, store the configuration on the machine running the agent at /opt/intrudect-honeypot/etc/config.json. Once in place, Logagent will request an updated configuration from the web application every minute.

Listeners

Multiple Listener instances can be added to the Honeypot. For each listener, you must specify the IP address and the TCPPorts and UDPPorts to be monitored.

"Listeners": [
  {
    "IP": "192.168.1.2",
    "TCPPorts": [
      25,
      110,
      143
    ],
    "UDPPorts": [
      123,
      161
    ]
  }
]