Honeyport Logo

Honeyport

0
Free
Visit Website

A honeyport is essentially a simpler version of a honeypot. Whereas honeypots aim to simulate an application or protocol for the attacker to play around with, all the honeyport looks for is a connection from an external party, after which a specific action is performed (usually blacklisting them). It is usually only targeted attackers who will connect to more unusual ports in order to determine what services are running on those ports. Honeyport scripts are available in both Linux and Python. http://www.securitygeneration.com/security/linux-bash-ncat-honeyport-script-with-iptables-and-dome9-support/ http://www.securitygeneration.com/security/honeyport-python-script-with-local-firewall-and-dome9-support/

FEATURES

ALTERNATIVES

A fast and multi-purpose HTTP toolkit for sending HTTP requests and parsing responses

A low-interaction SSH honeypot written in C

A network protocol panic button operating decentralized through UDP broadcasts and HTTP, intended for sensitive networks to prevent cold boot attacks.

Monitors network traffic for suspicious activity and alerts when potential threats are detected.

Sniffglue is a network sniffer tool written in Rust with advanced filter sensitivity options and secure packet processing.

SentryPeer is a fraud detection tool that monitors and detects fraudulent activities on SIP servers, capturing IP addresses and phone numbers of suspicious activities and providing a notification system to service providers.

A framework for creating and executing pynids-based decoders and detectors of APT tradecraft

Fail2ban is a daemon that scans log files and bans IPs showing malicious signs to protect servers from brute-force attacks.

PINNED