Difference between revisions of "HoneyDB Honeypot workshop"
(Learn how to deploy honeypots using HoneyDB in this workshop!) |
|||
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | [[File:HoneyDB.png]] | ||
| + | |||
== Abstract == | == Abstract == | ||
| Line 20: | Line 22: | ||
== Technical Requirements == | == Technical Requirements == | ||
| − | * | + | * Computer: Linux, Mac, or Windows |
| − | * SSH Client if using Windows | + | * You will need a HoneyDB account to generate API keys. Creating a HoneyDB account requires that you login via your GitHub, Twitter, or Google account. Visit https://honeydb.io/login to login/create your HoneyDB account. |
| − | * Postman | + | * SSH Client: We will use SSH to connect to a cloud host, if using Windows a free SSH client can be found here https://www.putty.org/ |
| − | * | + | * Postman: Download/install from https://www.getpostman.com/ |
| + | * Cloud host: A cloud host will be provided in the workshop (DigitalOcean). If you prefer to use your own that is fine. Options for getting your own cloud host can be found [https://honeydb.io/deploy here] | ||
| + | * Slack - https://slack.com/ (optional, if you want to join the community) | ||
| + | |||
| + | Note: We will be editing configuration files and scripts on the cloud host. We will use the [https://www.nano-editor.org/ nano text editor] in via the SSH terminal. | ||
| + | |||
| + | If you are comfortable with using Python locally on your computer, note the following recommendations: | ||
| + | |||
* Python 2.7 or greater | * Python 2.7 or greater | ||
* PIP for Python - https://pip.pypa.io/en/stable/installing/ | * PIP for Python - https://pip.pypa.io/en/stable/installing/ | ||
| − | * | + | * Code editor (MS Visual Studio Code is great: https://code.visualstudio.com/) |
| − | |||
Latest revision as of 19:05, 18 July 2020
Abstract
Honeypots can be implemented to discover new threat information or detect intruders on a network. However, while there are numerous free honeypots available, many of them can be complicated to deploy and require additional engineering to consume log data. If you are curious about honeypots and are interested in a simple way to deploy your own honeypots, the HoneyDB honeypot workshop is for you.
All skill levels are welcome to attend, you only need an interest in honeypots :-)
Agenda
- Intro to honeypots
- Open source honeypots
- HoneyDB
- HoneyDB Agent
- Deploying an agent in the cloud
- Testing the agent
- Querying the Threat API
- HoneyDB CLI Python tool
- Write an API client
- Resources (Slack / Twitter)
Technical Requirements
- Computer: Linux, Mac, or Windows
- You will need a HoneyDB account to generate API keys. Creating a HoneyDB account requires that you login via your GitHub, Twitter, or Google account. Visit https://honeydb.io/login to login/create your HoneyDB account.
- SSH Client: We will use SSH to connect to a cloud host, if using Windows a free SSH client can be found here https://www.putty.org/
- Postman: Download/install from https://www.getpostman.com/
- Cloud host: A cloud host will be provided in the workshop (DigitalOcean). If you prefer to use your own that is fine. Options for getting your own cloud host can be found here
- Slack - https://slack.com/ (optional, if you want to join the community)
Note: We will be editing configuration files and scripts on the cloud host. We will use the nano text editor in via the SSH terminal.
If you are comfortable with using Python locally on your computer, note the following recommendations:
- Python 2.7 or greater
- PIP for Python - https://pip.pypa.io/en/stable/installing/
- Code editor (MS Visual Studio Code is great: https://code.visualstudio.com/)
