A question always comes to mind when we think about cybersecurity: how can we catch a hacker who tries to hack our system? When we go fishing, we use a net to catch fish. We can do the same thing with a hacker: set up a trap in our system to catch hackers if they try to break in. Here we're going to use a method called a honeypot.
What is a Honeypot?
A honeypot is a computer system that is set up to act as a decoy to lure cyber attackers and to detect, deflect or study attempts at unauthorized access to information systems.
Generally, a honeypot consists of data that appears to be a legitimate part of the site but is actually isolated and monitored, and that seems to contain information or resources of value to attackers, who are then blocked. Essentially, a honeypot is a security resource whose value lies in being probed, attacked or compromised.
Honeypots can be set up inside, outside or in the DMZ of a firewall design, or even in all of these locations, although they are most often deployed inside a firewall for control purposes. In a sense, they are variants of standard Intrusion Detection Systems (IDS), but with more of a focus on information gathering and deception.
Honeypots can be classified based on their deployment (use/action) and on their level of interaction. Based on deployment, honeypots can be classified as:
1. Production honeypots
Production honeypots are easy to use, capture only limited information, and are used primarily by companies.
Production honeypots are placed inside the production network with other production servers by an organization to improve its overall state of security.
Typically, production honeypots are low-interaction honeypots, which are easier to deploy. They give less information about the attacks or attackers than research honeypots.
2. Research honeypots
Research honeypots are run to gather information about the motives and tactics of the black hat community targeting different networks.
These honeypots do not add direct value to a specific organization; rather, they are used to research the threats that organizations face and to learn how to better protect against those threats.
Research honeypots are complex to deploy and maintain, capture extensive information, and are used primarily by research, military, or government organizations.
Based on design criteria, honeypots can be classified as:
1. Pure Honeypots
2. High-interaction honeypots
3. Low-interaction honeypots
How to Set Up a Honeypot in Kali Linux:
To set up a honeypot in Kali Linux we need a tool called pentbox. Download the tool from here.
Download the zip file, or copy the download URL and clone the repository using the terminal.
To clone it using the terminal, type the command
git clone 'copied URL' (ex: git clone https://www.crackitdown.com)
If you downloaded the file to the desktop, then simply type
Type ls to get into the folder. Inside the folder, you will see a file named pentbox.rb. To execute the file type
Now you will see many options. To use the honeypot, choose the Network tools option by typing 2 and hitting Enter.
The honeypot option now appears in the third position. To use the honeypot, type 3.
Two options will appear: Automatic configuration and Manual configuration. You can choose either of them. In our case, we are choosing the Automatic configuration.
After you choose the configuration option, the honeypot will be activated on a port. If any IP address tries to access our system, the honeypot will display all the details of the IP address.
To deactivate the honeypot, press Ctrl+C and the service will be deactivated.
If you want to set up the configuration manually, follow these steps.
First, it will ask for the port you want to open. Type the number of the port you want to open and hit Enter.
Next, it will ask for a message to show if the hacker tries to get into the system. Type the custom message you want to show and hit Enter.
After that, it will ask whether you want to save log files or not. Type Y to save them or N to skip saving. If you choose yes, the logs will be saved in a text file inside the pentbox folder.
Now it will ask whether to activate the beep sound. This means that if someone gets trapped in the honeypot, you will hear a beep.
Now the honeypot will activate successfully.
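What the manual prompts above configure (a port, a message and a log), shown as an added Ruby example that is not pentbox's own code. The class name DecoyListener, the log line format and the file name honeypot.log are assumptions made for illustration.

```ruby
require "socket"
require "time"

# Low-interaction decoy: one port, one fixed message, one log line per visitor.
class DecoyListener
  attr_reader :port

  # port 0 lets the OS pick a free port; bind defaults to loopback for a dry
  # run and must be a reachable address to receive real probes.
  def initialize(port:, message:, log:, bind: "127.0.0.1")
    @server  = TCPServer.new(bind, port)
    @port    = @server.addr[1]
    @message = message
    @log     = log # anything with <<, e.g. File.open("honeypot.log", "a")
  end

  # Serve one visitor: send the message, capture its first bytes, log them.
  def handle_one(read_timeout: 2, max_bytes: 512)
    client = @server.accept
    _family, rport, _host, rip = client.peeraddr(false) # false: skip reverse DNS
    data = begin
      client.write(@message)
      ready = IO.select([client], nil, nil, read_timeout)
      ready ? client.readpartial(max_bytes) : ""
    rescue EOFError, SystemCallError
      "" # peer closed or reset without sending anything
    end
    # inspect escapes newlines and control bytes, so a visitor cannot forge
    # extra log entries or push terminal escape codes into the log.
    line = "#{Time.now.utc.iso8601} src=#{rip}:#{rport} dport=#{@port} " \
           "bytes=#{data.bytesize} data=#{data.inspect}\n"
    @log << line
    line
  ensure
    client&.close
  end

  def run
    loop do
      handle_one # stop with Ctrl+C
    rescue SystemCallError
      next # visitor vanished before it could be identified
    end
  end

  def close
    @server.close
  end
end
```

Calling run on a DecoyListener created with a port, a message and a log file opened in append mode serves visitors one at a time until Ctrl+C.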
You can use this tool to secure your system and to trace attackers. If you run into any problem, feel free to leave us a comment below. Our team is always here for you.
Open-source tools like this one prove very helpful when it comes to increasing the security of our systems.
What's your opinion about this tool? Let us know in the comment box. Also, if you face any problem with the installation of this tool, feel free to leave a comment below.