What is a honeypot, How to install and what can we see from honeypots?
HTML-код
- Опубликовано: 4 авг 2024
- In this lab i will show you a honeypot implimentation, describe what a honey pot is and show you the step by step instructions to install tpot honeypots
github.com/dtag-dev-sec/tpotc... of Contents:
01:35 - Honeypot Deployment Considerations
Join the community on Discord on this link : / discord . You can post live questions and get help from others there.
Follow us on:
Twitter: @lahilabs / lahilabs
Facebook : / 2660291254110431
And Support This Channel on
Patreon: / itsecuritylabs Connect and Direct Message me on Linkedin: / howard-mukanda-24503144 
Хобби
This is great, I don't know why I never of thought of running one in the cloud just for curiosities sake
Amazing explanation, thanks for sharing the knowledge
your videos are very good and have a wide message thank you
Thanks for another great video
Perfect Honeypot Video 👍
excellent thanks. Keep up the great work.
Great stuff, thank you!
Very nice (from one I.T. person to another). Keep up the great work!
Great video. Can you explain how to set up PFsense to allow for a configuration in front of your firewall? I would like to set up tpot to receive pertinent internet traffic. Are there a list of ports to forward to tpot or a configuration setup in PFsense?
Super cool. I set this up on AWS and it works great. I havent opened up all the ports yet in the documentation did you open up every port or just enough to make the web page load?
Can you advise what version of Ubuntu and the direct edition you are using. Currently i created my own ISO and installing a Debian stretch edition. it seems TPOT only supports older Debian stretch SID editions . if you cat /etc/Debian_version on the latest Ubuntu LTS it shows buster. Install fails
Hi, about timing 7:28 to 7:40 is it auto binding port?
then, is it secure about port opened even for honeypot or honeytrap
Please do you have any tutorials on installation of capture-HPC ?
Very nice:)
it's nice tutorial what is next after getting honeypot log data and related with cyber intelligence
Good video
how to set up alerts if instruder is in my network??? u didnt mention anything about that
i want to learn every thing about honeypot what should i read or see?can you introduce some thing?
Cool!!!
having some issues with my emails and devices, find these hackers are so annoying! have gone through multibed devices and emails at this stage, apart from protecting with 2fa, could you advise any major deterrents? im exhausted at this stage and would sincerely welcome any help!
Could you please make video about intalling tpot on virtual machine with tpot iso. I have been facing some problems for a week I couldn't make it. Especially I want to learn installation of the latest version tpot.
please help , after installing i can't open the web interface ..
The github link is giving an error 404 page not found .Can you send the github link again .
How do I implement this on Windows on-prem servers?
When installing it says debain bionic is not supported please help
page is not found. Do you have an updated link by any chance?
Great video!! Can this be deplyed in Azure?
Also does it work best on Ubuntu or Debian, does it make a difference?
I had issues running on Ubuntu. it states the "Aborting. Debian focal is not supported."
my kibana dashboard is not opening ...any explanations????
I HAVE DONE THE UPDATE AND UPGRADE BUT STILL HAVE THE ISSUES
Why does my ubuntu tell me the E: Package 'netselect-apt' has no installation candidate ? It aborts the download and it tells me the Debian xenial is not supported ? What do i do now?
I also experienced this. I found out that Ubuntu doesn't support tpot anymore. I don't know which platform supports it either. Tried debian 10 and kali linux 2018 & 19 and still got the same issue
🐝 looking for that
Can we still install in Ubuntu? I read the document that should install on Debian 9.X
ubuntu is a fork of deb.
So are attackers getting into the actual network through a honeypot or is an isolated from the real network? Are attackers getting real information or falsified information that appears to be real?
not sure if you will see this one, but when trying to install both in ubuntu and kali, it says "aborting, debian jammy/kali is not supported" I have not been able to find a solution.
great video! very interesting! Which version of Ubuntu does tpotce run on? is there any other platform besides Ubuntu for it to run on?
Axrio Grey Ubuntu 16 or 18 should work.
@@ITSecurityLabs 20.04 doesn't work, fyi.
how to install honeyd in unubtu
But I'm also interested about what they doing and how they doing it. For example, when they bruteforce the ssh server, or doing SQL Injections, what commands they are using, what they're downloading (exploits, tools, etc). Is this capable of displaying these? Maybe a realtime view of their shell ?
Hey Cthulhu, did you find out if it was capable of this and if not what did you do?
I think for that you should be able to hookup the servers access logs, so you can see brute force attempts
You could always use an OSSIM, this would show a lot of information.
hello, while installing I got this error E: Package 'netselect-apt' has no installation candidate
Package manager quit with exit code.
Aborting. Debian bionic is not supported.
what am i suppose to do? The Ubuntu is in Vmware Workstation
Maybe the packages do not work anymore. I have not updated mine but i will let you know if i find a solution.
@@ITSecurityLabs Yeah please do suggest as i was learning to install honeypot.if any other alternatives do suggest
ubuntu should use APT though right not YUM 5:27
Working... this may take a while.
E: Package 'netselect-apt' has no installation candidate
Package manager quit with exit code.
Aborting. Debian bionic is not supported.
im having this error on my ubuntu 18.04
TPot now runs on Debian 10 Buster, maybe you have to update.
Hi, I bought a coin but I can't sell it, they told me it could be a honeypot, I could get my money back or nothing
I did exactly what the video says, but in the last step I get an error: E: packadge ‘netselect-apt’ has no installation candidate. Packadge manager quit with exit code. Aborting. Debia focal is not supported.
Did your error resolved ??
Please help
Edit install.sh file under iso/installer/install.sh
Change line 21 to
myLSB_STABLE_SUPPORTED="stretch buster focal"
It should work
how connect tpot sensor with tpot collector on distributed environment
nice info...
?any honeypot for windows you recommend... foss if possible...
install virtualbox and then install TPOT
@@LauweLeon i have some difficulties for configuration tpot on virtualbox
you can help me sir ?
How can i delete logs from tpot?
Sorry, I was wondering how to see the logs? I couldn't understand that part. I used honeyD. I discovered this tool now.
while installing I got this error E: Package 'netselect-apt' has no installation candidate
Is there any workaround for this and how did you implement it in the cloud? badly need your help for this one. Awesome content btw! defo subscribing.
Hey Stephano, even i got the same issue E: Package 'netselect-apt' has no installation candidate
. Aborting Debian eoan is not supported. If u get any resolution request me to help me out to get into.
@@yogeshdasari same error mate did you resolved it
@@shailendraverma1675 Install on a Debian distribution.
@@t58beare i tried using the lastest version of ubuntu 2022 and it is saying Debian Jammy is not supported. can you help me out here
sir your github link is dead.Could you share it again? Thanks in advance.
How sell koin honey pot, i'm buyy koin but not sell, please help me 😭😭😭😭 ?
I am doing my final year work at the university where I will use the T-Pot. Is it possible for me to simulate attacks?
And in case where do I see the logs generated from all attacks?
Sorry for the questions, maybe so obvious to you, is that I was going to use the honeyD tool but I ended up changing it and found this news here, and I want to use it to solve my final course problem
Yes, you can simulate attacks. Set up the lab like i show you here : ruclips.net/video/57Da4uVdoiM/видео.html
Launch attacks from Kali towards your tport .
@@ITSecurityLabs Thanks for answering and for the tips. I will watch this other video from the link.
But two questions to finish: The ip that T-POT uses to receive all these attacks is the local ip or the external / public ip?
To simulate attacks towards him as you said, using kali linux, use the external / public ip too or the local ip?
@carloskombo2967 Hello, I am doing my project on cloud security using honeypots and I need to simulate attacks. Did you manage to simulate attacks in your case?
Hi Thank you for this!
Just want to ask is it only work on Debian linux?
thanks more power!
I have not seen it deployed on other distributions. Looks like this is the easiest way.
can I install that honeypot on a raspberry pi 3?
Yes
Wakanda Forever!
Yeah!
No longer works with Ubuntu by the looks of things, debian only
Should put this comment on top....
Well
Hello, I'm sorry for disturbing you ;((. I have some problems with my project..
I never use honeypot before. But, I have a task from my lecture, that I should use honeypot for detecting hackers attacks..
I searching for many journals, tutorials and articles. I tried using the honeydrive3 and used the honeypot Kippo. When I tried that, and I attack by myself, it works, the detailed of attack is served ... But, when I told that to my lecture, he said it was not what he want...
The workflow he want is, we use the honeypot and then we try that to some websites.. But, when the attacker scanning or do something to that web ip address, it must deflect to the honeypot, it means that the attacker really attacks the real website.. and I really don't know what to do ;( It's the first time for me and I didn't know anything, I never see the tutorial or something that helps ... can you help me please???I really thankfull if you help mee.. I know I'm bad ;(((
could barely hear you bro... cranked up volume to max then got blown away by a loud advert (lol)
the link is no longer valid
Can I run it on my PI?
Kiromatsu I think so. Let me know if it works because I would like to try it as well
Nice job!! how do I send you a private message?
Send me an email to lmakonem@gmail.com
Github gives me a 404 :( , can you re-upload?
cool fact, honeypot is also the name of a porta potty.
Typo in the title?
Thanks. I fixed it
8 GB of RAM!!!!!
You kidding !
There is a NEW Version available of tpot
Daniel Fu that’s awesome. I tried it a few weeks ago in azure
@@ITSecurityLabs i check it with greenbone a open Source security scanner
Daniel Fu I am a big fan of this project
FBI sent me here.
why i got this error?
Aborting. Debian focal is not supported.
I think they changed things a little bit. I will create another one soon
@@ITSecurityLabs thats works well when i installed iso version
That event histogram distribution is so hurtful to watch. Everything else is great.
I powered off the machine and started it 24 hours later, thats why the histogram looks weird.
g
lol script kiddy hour
Great video. Can you explain how to set up PFsense to allow for a configuration in front of your firewall? I would like to set up tpot to receive pertinent internet traffic. Are there a list of ports to forward to tpot or a configuration setup in PFsense?