Entries by talebi_it@yahoo.com

Cowrie Honeypot on Ubuntu

Cowrie is the new fork of the Kippo Honeypot. It has been updated with new features and provides emulation that records the session of an attacker. With this session recording you are able to get a better understanding of the attacker's tools, tactics and procedures (TTPs). A term that is increasingly being used in […]

Conpot (installation – Evaluation)

Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems. Let's first install Conpot, then I will explain this tool: 1- Install Docker; if you are running Ubuntu 17.10, this is a good document for installation, otherwise follow the instructions of Conpot. 2- Run […]


T-Pot : Best tools to make honeypot

T-Pot is based on the network installer of Ubuntu Server 16.04.x LTS. The honeypot daemons as well as other support components being used have been containerized using Docker. This allows us to run multiple honeypot daemons on the same network interface while maintaining a small footprint and constraining each honeypot within its own environment. In […]

rsyslog and syslog in linux

Today we will be looking into how to set up centralized log management for Linux servers. This will help the Linux admin to have multiple servers' logs in one single place. The Linux admin is not required to log in to each server to check the logs; he can just log in to the centralized server […]

TCPdump

How to Install tcpdump in Linux: Many Linux distributions already ship with the tcpdump tool; in case you don't have it on your system, you can install it using the following apt-get command: # apt-get install tcpdump Once the tcpdump tool is installed on your system, you can continue to browse the following commands with their examples. 1. Capture […]