- Home
- Security Operations
- Honeypots & Deception
- mhn-core-docker
mhn-core-docker
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.

mhn-core-docker
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
mhn-core-docker Description
A Docker-based implementation of a subset of the Modern Honey Network project that provides a containerized honeypot infrastructure. The system consists of multiple Docker containers working together: - A broker container that runs an hpfeeds broker, allowing clients to publish to channels or subscribe to channels - A cowrie container that runs the cowrie SSH/Telnet honeypot and connects to the broker to publish attack events - A dionaea container that runs the dionaea multi-protocol honeypot, connects to the broker, publishes events, and stores captured malware binaries Additional components include: - A geoloc application that subscribes to cowrie channel events and adds geolocation information - A honeymap application that creates a visual map of attacks by subscribing to the geoloc channel and serving it on port 3000 The setup requires creating a Docker network with static IP addressing and building the broker image from the provided repository. The system provides real-time visualization of honeypot activity through the web-based honeymap interface.
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
TRENDING CATEGORIES
POPULAR
Security platform that provides protection, monitoring and governance for enterprise generative AI applications and LLMs against various threats including prompt injection and data poisoning.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.