Setting up a honeypot with netcat: 


Honeypots are computer environments used as a "bait" to detect unauthorized access attempts.

Setting up a directory for our Honeypot:


We get in our directory


We create the file where the logs would go:


We then set the right access rights for the log file:


Creating a banner:

When the Honeypot is accessed, the below banner is displayed.
We put our banner in the "/honeypot/banner.txt":


The bash script:

The script that runs an infinite loop in the background waiting for a connection the port netcat opens:


>> : append to the end of the file

The standard output (stdout) - number "1" in the script - and error output (stderr) - number "2" in the script - are appended to the log file "
honeypot.log".
The IP addrress which netcat  outputs is also added to the logfile.
The script access the port number as a parameter "$1".

Once a user connects to the port, the banner in the "banner.txt" is displayed.
We also add the date and time of the connection to the log file.

Executing the bash script:

We make the script executable using the below command:


We start the script using the below command:


When we connect from the host using the below command:


We see the banner, then the connection ends.
We can then check from log file "honeypot.log" the details of  the connection attempt.
Brando Sabatini and Ikbal C ©. Powered by Blogger.