I tried many existing honeypot offerings, but ran into problems with each one. When I set out on this project, I was hoping to use an existing honeypot to throw on my home network and notify me if someone tries to connect to it. Wrap up these TTPs in a RaspberryPi form factor and you’ve got a simple honeypot that you can add to your network to gain insight when a breach has occured. HoneyPi only flags a few surefire triggers that would catch most attackers snooping around on an internal network: That is why HoneyPi tries to keep it simple compared to other honeypots. We set out to answer the question What some activities that could be flagged that would catch us when attacking an internal network? There are tons of honeypot options out there, but we leveraged our experience in penetration testing to gain insight into Tactics, Techniques and Procedures (TTPs) that real-world attackers would use. HoneyPi attempts to offer a reliable indicator of compromise with little to no setup or maintenance costs. What are the options for home users and small businesses? What if there were a cheap Raspberry Pi device you could plug into your network that masquerades as a juicy target to hackers? Let’s face it, unless your organization is big enough to have full packet capture with some expensive IDS, you will likely have no idea if there is an attacker on your network. It is astonishingly easy as an attacker to move around on most networks undetected. HoneyPi – an easy honeypot for a Raspberry Pi
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |