Honeypot Deployment using Pentbox Tool
In this article, we will be doing the practical on the Honeypot Deployment using Pentbox Tool. The only thing which you have to keep in mind that we are doing this deployment on our virtual machine. So you must have prior knowledge about Kali Linux os and have already installed the kali on your virtual machine.
For every consumer and business that is on the Internet, viruses, worms, and crackers are a few security threats. Anti-virus software, firewalls, and intrusion detection systems, these systems can only react to or prevent attacks-they cannot give us information about the attacker.
A honeypot is used in the area of computer and Internet security. It is a resource, which is intended to be attacked and compromised to gain more information about the attacker and the used tools. It can also be deployed to attract and divert an attacker from their real targets.
TYPES OF HONEYPOTS
- Low-interaction: have limited interaction, they normally work by emulating services and operating systems. Attacker activity is limited to the level of emulation
- High-interaction: they are usually complex solutions as they involve real operating systems and applications. Nothing is emulated, the attackers are given the real thing.
- Production honeypots: A production honeypot is used to help migrate risk in an organization
- Research honeypots: is meant to gather as much information as possible. These honeypots do not add any security value to an organization, but they can help to understand the blackhat community.
DEPLOYING HONEYPOT
Here we will see, Honeypot Deployment using Pentbox Tool in our system running on Kali Linux Operating System. For Deployment Purpose we need PENTBOX tool.
The Pentbox is Security suite that can be used for penetration testing to perform various operations. The Pentbox kit contains various tools to perform activities including cracking hashes, stress testing, DNS enumeration and other. Pentbox is written in ruby, and it supports Linux, Mac OS X, and Windows platform, it will take few steps to compete Honeypot installation.
- Download Pentbox:
You can download Pentbox by using the following command:
Extract pentbox-1.8.tar.gz by using command below:
Goto the following folder, Run Pentbox ruby script as shown below:
Multiple options are available in Pentbox
Setup Honeypot:
- Honeypot is on Network Tools (Open 2)
- Select Honeypot option.
- Select Fast Auto Configuration (Option 1)
Now, Browse your local IP
You will see access denied error, and in the terminal, you see “HONEYPOT ACTIVATED ON PORT 80 INTRUSION ATTEMPT DETECTED”.
Here you can also do manual configuration, where you can set Honeypot on the port of your choice, also you can set false message by yourself.
Advantages: Data Collection
Resources
Simplicity
Disadvantages:Single Data Point
Finger Printing
Risk
guys we have seen, Honeypot Deployment using Pentbox Tool hoping this will help you in understanding about the honeypot in a practical way.