I wish I was able to build projects like this
Me too, maybe we can some day with consistent effort
Why can't you?
I had no idea what I was doing the whole time 😀 It may appear overwhelming at first, but try to chunk your body of work into small, manageable sizes. You can do it 💪
I would really like to see the results in the dashboard after a few weeks of having the honeypot running!
I'm interested in that as well.
You are welcome to deploy this project yourself. Onto the crash course!
Nice one, just a small note that you can exit the ssh by pressing the tilde character and a dot `~.` (might require pressing enter prior to that) 😊
"I really have no idea what I am doing" quote... Legend!! That's how you got there, right? And you figured it out anyways. Thanks for the honey, sir. Just beautiful, very well done. Question: After having trapped the attacker's shell you would probably be able to execute a "reversed shell" aka RAT remote access terminal since you have all the credentials, or do you need more to be able to reverse??
Very interesting Grant! Thank you!
Thank you, John, onto the crash course!
cool. look forward to the next video.
Thanks, next video in this series will be the crash course.
@collinsinfosec awesome
Awesome video as usual Grant, so helpful and interesting for someone like me (2nd year comp sci student)
Not sure I understand the tarpit. Certainly the logins are being done in an automated and threaded fashion likely doing little more than consuming a thread and momentarily causing a bit of annoyance if they are just testing logins to manually eval later.
It ties up all of the threads very quickly. If your system is tarpitting the attacker they aren't attacking someone else. Just one tarpit can totally stop the attacker.
Even when the logins are being done in a threaded fashion, they will still be consumed by the tarpit, as the SSH connection relies on sending its banner first. So the threads will have to wait hours until honeypy has sent the full banner.
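The banner mechanism described in the replies above, as an added Python sketch that is not code from the video or from the honeypot project. It relies on the SSH transport rule (RFC 4253) that a client keeps reading lines until one begins with `SSH-`; the function names, the `x-` line prefix, the 10-second delay and the `127.0.0.1:2222` listener are assumptions chosen for a lab setup.

```python
import asyncio
import random
import string

ALPHABET = (string.ascii_letters + string.digits).encode()


def filler_line(rng=random):
    """Return one pre-banner line that can never be taken for the real banner.

    An SSH client keeps reading lines until one starts with "SSH-", so any
    other CRLF-terminated line simply makes it keep waiting.
    """
    body = bytes(rng.choice(ALPHABET) for _ in range(rng.randint(3, 32)))
    return b"x-" + body + b"\r\n"  # fixed "x-" prefix: never begins with "SSH-"


async def tarpit(reader, writer, delay=10.0, max_lines=None):
    """Hold one connection open, dripping filler and never the SSH banner.

    Returns how many lines were sent before the peer left (or max_lines hit).
    """
    sent = 0
    try:
        while max_lines is None or sent < max_lines:
            await asyncio.sleep(delay)
            writer.write(filler_line())
            await writer.drain()  # raises once the peer has disconnected
            sent += 1
    except ConnectionError:
        pass
    finally:
        writer.close()
    return sent


async def serve(host="127.0.0.1", port=2222):  # assumed lab address and port
    server = await asyncio.start_server(tarpit, host, port)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(serve())
```

Each held connection costs the listener one idle coroutine, while the connecting tool's thread stays blocked waiting for a banner that never arrives.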
!!!