Honeyntp
Honeyntp is an NTP honeypot and logging tool that captures NTP packets into a Redis database to detect DDoS attacks and monitor network time protocol traffic.
Free55
Free55
Honeyntp
Honeyntp is an NTP honeypot and logging tool that captures NTP packets into a Redis database to detect DDoS attacks and monitor network time protocol traffic.
Data verified May 2026
ADYour product here. Reach security decision-makers.Launch a campaignHoneyntp Description
Honeyntp is an NTP-based honeypot and logging tool that captures and analyzes Network Time Protocol (NTP) traffic for security monitoring purposes. The tool functions as both a scanner logger and honeypot, recording all incoming NTP packets into a Redis database for storage and analysis. It maintains detailed tracking information including first-seen and last-seen timestamps for each unique IP address and port combination. Built on the ntplib library, Honeyntp has been tested and verified to work on both Linux and Windows 7 operating systems. The tool provides cross-platform compatibility for deployment in various network environments. One of the primary use cases for Honeyntp is detecting Distributed Denial of Service (DDoS) attacks that leverage NTP amplification techniques. The tool is particularly effective at identifying malicious traffic patterns where attackers commonly use port 80 as the source port for their attacks. The Redis database backend enables efficient storage and retrieval of captured NTP traffic data, allowing security analysts to perform historical analysis and identify trends in attack patterns over time.
Honeyntp FAQ
Common questions about Honeyntp including features, pricing, alternatives, and user reviews.
Honeyntp is Honeyntp is an NTP honeypot and logging tool that captures NTP packets into a Redis database to detect DDoS attacks and monitor network time protocol traffic. It is a Security Operations solution designed to help security teams with DDOS, Redis, Attack Detection.
Honeyntp is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/fygrave/honeyntp/ for download and installation instructions.
Popular alternatives to Honeyntp include:
1.TANNER - TANNER is a remote data analysis service that evaluates HTTP requests and generates responses for SNARE honeypots while emulating application vulnerabilities. (Free)
2.DDoSPot - DDoSPot is a plugin-based honeypot platform that tracks UDP-based DDoS attacks and generates daily blacklists of potential attackers and scanners. (Free)
3.Nodepot - A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks. (Free)
4.Anantis TrapEye - Detects intruders the moment they interact with your network. (Commercial)
5.CatchProbe SmartDeceptive - AI-based deception platform for collecting cyber threat intelligence (Commercial)
Compare these tools and more at https://cybersectools.com/categories/security-operations
Honeyntp is for security teams and organizations that need DDOS, Redis, Attack Detection. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations
Have more questions? Browse our categories or search for specific tools.
