By: scilley
November 4, 2015
Integrating a Honey Pot into Your Network

Let's begin...

Install your favorite OS, one that will support any of the various Honey Pot platforms out there: Snort, Dionaea, Kippo, Glastopf, etc. Do your research here, as I will not be going into detail on any of the platforms. This write-up is simply how to integrate.

Install the security software, depending on your OS.

# For CentOS, Fedora, RedHat (sudo if needed)
yum install clamav maldetect fail2ban chkrootkit rkhunter

# For Debian/Ubuntu
sudo apt-get install clamav maldetect fail2ban chkrootkit rkhunter

If maldetect isn't found (usually so), get maldetect HERE.

Secure your server and install whichever Honey Pot you choose to use.

Let's place this somewhere, internally or externally.

# If DMZ

Configure your internet router to push the DMZ traffic to the Honey Pot's IP address. Isolate your internal network behind a firewall and see this post. Remove any port forwarding for Web, Mail, AD, etc.

Monitor its logs and just watch, it will get hit. Use this information to see and analyze what they're after and how they're trying to get it. With it sitting in your DMZ and your internal network isolated, it's safe and very useful. It generally keeps the bad actors away from your internal network and allows you to see just how unsafe the internet really is.

# If Internal

Run a cable from your Hub/Switch/Router/Firewall, and plug the Honey Pot in.

Monitor, analyze and see if any machines within your internal network are compromised. If they are, they'll find the Honey Pot and attempt to exploit it. If this happens, repair, patch and re-image the affected system.

Short and to the point, I do hope this helps those out there who are interested in securing their network.

For Network honey pot monitoring, please see Twisted Security

~ Scott
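
The log review described for the DMZ and internal placements, as an added example that is not part of the original write-up: it splits honey pot hits into internal sources (candidates for repair, patching and re-imaging) and external sources. The log line format, the `192.168.1.0/24` internal range and the sample lines are assumptions constructed for illustration; adapt the regex to whatever your honey pot actually writes.

```python
import ipaddress
import re
from collections import Counter

# Assumption: the internal LAN that sits isolated behind the firewall.
INTERNAL_NETS = [ipaddress.ip_network("192.168.1.0/24")]

# Assumption: a hypothetical normalized log format, one connection per line.
LINE_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) dport=(?P<dport>\d+)$")

# Constructed sample lines (documentation address ranges), not real captures.
SAMPLE_LOG = """\
2015-11-04T10:15:32Z src=203.0.113.7 dport=22
2015-11-04T10:15:40Z src=203.0.113.7 dport=22
2015-11-04T10:17:02Z src=198.51.100.23 dport=445
2015-11-04T10:21:55Z src=192.168.1.57 dport=445
this line is malformed and must be skipped
2015-11-04T10:22:10Z src=not-an-ip dport=80
2015-11-04T10:30:00Z src=192.168.1.57 dport=3389
"""

def triage(log_text, internal_nets=INTERNAL_NETS):
    """Split honey pot hits into internal sources (likely compromised hosts)
    and external sources (background attack traffic)."""
    internal, external, ports, skipped = Counter(), Counter(), Counter(), 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            skipped += 1  # bad address field: count it, do not guess
            continue
        ports[int(m["dport"])] += 1
        if any(src in net for net in internal_nets):
            internal[str(src)] += 1
        else:
            external[str(src)] += 1
    return {"internal": internal, "external": external,
            "ports": ports, "skipped": skipped}

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for host, hits in result["internal"].items():
        print(f"ALERT internal host {host} hit the honey pot {hits}x: repair, patch, re-image")
    print("top external sources:", result["external"].most_common(3))
    print("most probed ports:", result["ports"].most_common(3))
```

Nothing on the internal network has a legitimate reason to talk to the Honey Pot, so any entry under `internal` deserves a look; the `skipped` count shows how many lines the parser could not use.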