ssh-honeypotd Logo

ssh-honeypotd

0
Free
Visit Website

A low-interaction SSH honeypot written in C. Command Line Options: Usage: ssh-honeypotd [options]... Mandatory arguments to long options are mandatory for short options too. Options: -k, --host-key FILE: the file containing the private host key (RSA, DSA, ECDSA, ED25519) -b, --address ADDRESS: the IP address to bind to (default: 0.0.0.0) -p, --port PORT: the port to bind to (default: 22) -P, --pid FILE: the PID file (if not specified, the daemon will run in the foreground) -n, --name NAME: the name of the daemon for syslog (default: ssh-honeypotd) -u, --user USER: drop privileges and switch to this USER (default: daemon or nobody) -g, --group GROUP: drop privileges and switch to this GROUP (default: daemon or nogroup) -x, --no-syslog: log messages only to stderr (only works with --foreground) -f, --foreground: do not daemonize -h, --help: display help and exit -v, --version: output version information and exit -k option must be specified at least once if ssh-honeypots is compiled against libssh prior to 0.8.0 (note that in Ubuntu (and possibly Debian), libssh 0.8.0 is detected as 0.7.0 because of a bug in libssh.h). For newer libssh versions, the host key is generated automatically.

FEATURES

ALTERNATIVES

Netis Cloud Probe is an open source project for capturing and analyzing network packets across different machines.

Ensnare is a gem plugin for Ruby on Rails that enables quick deployment of a malicious behavior detection and response scheme using Honey Traps and Trap Responses.

Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.

Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.

A simple honeypot that opens a listening socket and waits for connection attempts, with configurable reply and event handling

PCAPdroid is a privacy-friendly app for tracking, analyzing, and blocking network connections on your device.

A simpler version of a honeypot that looks for connections from external parties and performs a specific action, usually blacklisting.