BASICS:
in simple language, a honeypot is a request catcher. honeypot can be set up on a specific port or service.
honeypot can be very useful in many ways.
for instance, A virus is spread into the whole world. an IT company hires an ethical hacker to look upon the working progress of the virus. they wanna know how the virus works. on which port/service, it attacks. however, it can be done by reverse-engineering. but we are gonna see the attacking virus.
HOW TO USE
we can set up a virtual environment if we are really working on some kinda virus. but it is a simple tutorial that will give you a hint to use a Honeypot.
for this tutorial, I am going to use a very popular tool, PENTBOX. it is easy to use and it never makes you set up anything. it has many other options but at this time, we will use honeypot.
step.1
Download pentbox from GitHub
step.2
go to the pentbox dir and make files executable
chmod +x pentbox.rb
step.3
run the executable file
./rentbox.rb
OR
ruby pentbox.rb
step.4
choose option 3 for honeypot and type 2 for manual configuration
step.5
insert a port that supposed to be open
LIKE- 21,22,23,25,80,443,2322 etc
but remember if you are opening a port except 80, you will need to send TCP request with netcat or telnet.
if you don’t know how to send a TCP requsest___READ-THIS
step.6
now it will ask you for a text message to show hacker. you can type anything for it.
step.7
after message, it will ask you to save a log file. a log file holds some user history.
if you type y then it will ask you for a path and name for the log file.
step.8
now it will ask you to sound if honeypot captures a request. you can type y if you want to.
step.9
now that our honeypot is ready, we can make a request to our local port.
for this, we need to know our IP
now that we know our IP is 192.168.43.55, we can make a request with netcat. in my case, I opened port 21.
nc 192.168.43.55 21
now, the honeypot terminal should something.
Thanks For visiting.
