PART 2: LET'S CREATE A HONEYPOT FROM SCRATCH USING #COWRIE AND A #RASPBERRYPI #LIVEHACKING
Security Union
The long-awaited session on how to create a honeypot from scratch.
You will need a Raspberry Pi to follow along.
From June 28, 2020, to August 3, 2020, I recorded more than 130 ssh sessions from all over the world. To accomplish this, all I had to do was to expose a Raspberry Pi through my router’s DMZ running cowrie, “a medium to high interaction SSH designed to log brute force attacks and the shell interaction performed by the attacker”.
Sessions contained all kinds of ssh interactions: trojans, rootkits, and even friendly hello messages. I also stored more than 1 week of network traffic; our little Raspberry Pi interacted with more than 8000 IP addresses.
My mission in this paper is to analyze threat data, including network data and session logs, and to show how honeypots can be leveraged to understand threats. I will also propose some mitigation strategies that could be implemented at the ssh server and OS levels.
https://github.com/security-union/going-fishing-with-my-raspberry-pi ... https://www.youtube.com/watch?v=B-2RdeRZg_Q