honeytrap.mwcollect.org

Navigation

Information

Overview
Download
Details
Compiling
Manpage

Examples

Attacks / Stream Data

Treasure Chest

Xen Honeypot Sensors
Qemu Honeypot Sensors
PE Hunter


SourceForge.net Logo

svn.mwcollect.org

Software Development

Projects

nepenthes
honeytrap
HoneyBow

Code Repository

We will provide live commit logs here soon. Until then feel free to view the mwcollect.org repository with Trac.

alliance.mwcollect.org

mwcollect Alliance

Attacker Top Five / 60 minutes

  1. 16x 122.127.46.74
  2. 15x 89.45.28.143
  3. 13x 122.126.0.242
  4. 12x 62.192.171.26
  5. 4x 220.229.78.210

Sample Top Five / 3 hours

  1. 37x 7f60162c2c0b...
  2. 24x 952098cf3c65...
  3. 21x 3875b6257d4d...
  4. 12x 46474b56a2d2...
  5. 10x 60cd45803c40...

Qemu-based honeytrap sensor

honeytrap on a virtual OpenBSD

Looking for a easy way to deploy a honeytrap sensor? Then you might want to use my OpenBSD Qemu image. Starting the image on a Linux host in Qemu 0.9.0 is fairly simple: 

qemu -hda honeytrap_openbsd_qemu.img -net nic -net tap,ifname=tap0

This command would connect your OpenBSD network device to the tap device tap0 on the Linux host. You should then use a virtual ethernet bridge to connect the tap device to a physical interface. Login to the virtual OpenBSD on 10.0.0.2 via SSH and change the passwords for the users root and honeytrap (both default to honeytrap).

honeytrap Qemu image

This is a minimal OpenBSD install with honeytrap 1.0.0 (subversion checkout 2007-06-06):