Let's Catch Some Hackers - Deploying a Honeypot! #1
Ғылым және технология
Join me as we build my favorite Honeypot project, TPOT. We discuss what a honeypot us, where to deploy a honeypot, standup the software, and collect some attacks! Join me as we explore and learn together.
TPOT Github - github.com/telekom-security/t...
Check us out: www.opensecure.co/
Interact with our demo: www.opensecure.co/demo
Hire us: www.opensecure.co/contact-us
Пікірлер: 24
Can you please create a video on how to setup Alerts for T-Pot? I want to use this device internally and it would be nice to get email alerts. Thanks! Great Video BTW.
@taylorwalton_socfortress
2 жыл бұрын
Hey, this video details how we can generate alerts received from our honeypot: kzread.info/dash/bejne/hWWowcVve7vddbw.html
is your ubuntu host running from a cloud provider?
Hey, I was hoping to attach a TLS certificate with a domain name to the honeypot as a school project. Do you know which ports I should use for the AWS load balancer in order to do so since the ports are remapped so I can make the connection encrypted when accessing the browser through port 64297?
@royalpotato4733
10 ай бұрын
hey there, Iam also looking to extend features for my honeypot project. Can u tell me how u got the TLS cert for yours
when I start the machine and log in to web UI Kibana takes time to start and after that the connection is lost. I only get like 4 minutes then all the services are lost again. I have to stop the machine and start again, sometimes it's successful then it'll stop.
@taylorwalton_socfortress
2 жыл бұрын
Hey, it may be due to not enough memory being allocated to the server. Can you try increasing the memory and see if that helps? Thanks for watching!
hi thank you for this video but I have some errors like (server.publicBaseUrl misconfiguration) in kibana and if i tried to install tpot again it gives me this error(no kernel modules were found) can you help me and if you have spare time may you join me live meeting??
@taylorwalton_socfortress
2 жыл бұрын
What installation method are you using? If you are using the iso file than everything should be set for your correctly at run time.
id like this vid twice if i could
@taylorwalton_socfortress
2 жыл бұрын
Thanks for watching!
You're actually using a VM with ubuntu right? dumb question but I don't know, newbie here.
excuse me, i get the update IP but cant access the web ui and ssh too, even though the tpot installed successful. thamks for your help
@ujjwalstha7420
Жыл бұрын
did u solve it?
@redhat3831
Жыл бұрын
@@ujjwalstha7420 solved it bro
@Sprizzy
Жыл бұрын
Hey there, how did you fix it, please? Thanks.
At 13:37 you gave a jerk laugh. hahahah, thats cute.
How hackers will get to know about your port? through shodan? or is there any other way hacker can know about this ports? basically if I setup my own ssh honeypot will I be able to see my ip on shodan?
@taylorwalton_socfortress
2 жыл бұрын
It depends where you host the honeypot server. If you host within an internal network than the only ssh attempts you will capture will be from a user who has access to the internal network. If you host the honeypot server in a publicly available network such as a DMZ than any user or service such as shodan will be able to interact with ssh via port 22.
@sheinsopariwala
2 жыл бұрын
@@taylorwalton_socfortress Thanks mate
I also use ubuntu 20.04. But show Aborting. "Debian focal is not supported"?
@taylorwalton_socfortress
2 жыл бұрын
Hey Dai, I have not tried installing on the Focal distro so I am not sure if that is supported or not. Are you seeing any output from logs? An iso file of the latest version can be downloaded from here: github.com/telekom-security/tpotce/releases/download/20.06.2/tpot.iso This comes pre bundled with a supported OS and software to get you up and running quickly. I hope this help and thanks for watching!
where you write the command?
@taylorwalton_socfortress
2 жыл бұрын
Hey there, what command are you referring to?