I am really happy that I started testing tons of software related to honeypot. So, if there is a challenges in installing these software, I can share with you.

KFSensor acts as a honeypot, designed to attract and detect hackers and worms by simulating vulnerable system services and trojans.KFSensor is pre-configured to monitor all TCP and UDP ports, along with ICMP. It is also configured with the emulation of common services.It starts monitoring right after its installation and can be easily customized to add additional customer services later on.

1- first, for getting report, you have to install SQL Server with sql authetincation. if you install MySql, it doesn’t work very well. it seems, it needs kind of component to connect to MySQL. I installed latest version of SQL Server Express 2017

2- then, I define username in security section and mapped it to my Database.

KFsense honeypot hamidreza talebi

3- then, I download KFsense and Installed it on my machine

4-after that, click on graph and report, then in the Define ODBC DSN, first select System DSN Tab and then Add SDN,

from then list select SQL Server Native Client 11.0 and then you have to connect to your Database which we made a user and password in step 2

KFsense honeypot hamidreza talebi

5- Write username, password and SDN name you defined in step 2 and 4. make sure clicked on Enable database logging, Monitor uses database and Memory conservation.

if you are done these step correctly, you have to get prompt when you click on Configure button.

KFsense honeypot hamidreza talebi

6-KFsene will be restarted and then you can view reports. By default, it opens report on browser on the port of 8351.

KFsense honeypot hamidreza talebi