freshmeat.net: Project details for Tiny Honeypot

22:50 UTC

[Project]

Tiny Honeypot - Default branch

Section: Unix

Added: Mon, Jul 15th 2002 02:51 UTC (5 years, 11 months ago)

Updated: Thu, Jul 1st 2004 11:50 UTC (4 years, 0 months ago)

About:
Tiny Honeypot (thp) is a simple honey pot program based on iptables redirects and an xinetd listener. It listens on every TCP port not currently in use, logging all activity and providing some feedback to the attacker. The responders are entirely written in Perl, and provide just enough interaction to fool most automated attack tools, as well as quite a few humans, at least for a little while. With appropriate limits (default), thp can reside on production hosts with negligible impact on performance.

Author:
George Bakos [contact developer]

Homepage:
http://www.alpinista.org/thp/
Tar/GZ:
http://www.alpinista.org/files/thp/thp-0.4.6.tar.gz
Changelog:
http://www.alpinista.org/files/thp/thp-0.4.6/CHANGELOG
Debian package:
http://packages.debian.org/tinyhoneypot

Trove categories: [change]
[Development Status] 4 - Beta
[Environment] Console (Text Based)
[Intended Audience] System Administrators
[License] OSI Approved :: GNU General Public License (GPL)
[Operating System] POSIX :: Linux
[Programming Language] Perl
[Topic] Security

Dependencies: [change]
iptables (required)
xinetd (recommended)
[download links]

Project admins: [change]
» George Bakos (Owner)

» Rating: 8.47/10.00 (Rank N/A)
» Vitality: 0.00% (Rank 13591)
» Popularity: 1.03% (Rank 5584)

(click to enlarge graphs)

   Record hits: 10,725
   URL hits: 5,280
   Subscribers: 24

Other projects from the same categories:
SDSC/GT Secure FTP
Linux ACL support
b0rz
QTSfv
Jacksum

Users who subscribed to this project also subscribed to:
CMus - C* Music Player
pacKAGE oRGANIZER
XAO Foundation Server
btn4ws.pl
Intrusion Detection Exchange Architecture

Add comment · Rate this project · Subscribe to new releases · Ignore this project · Email this project to a friend · Project record in XML

Branches

Branch Version Last release License URLs

Default 0.4.6 24-May-2003 GNU General Public License (GPL)

Releases

Version Focus Date

0.4.6 Minor feature enhancements 24-May-2003 06:32

0.4.4 Minor feature enhancements 02-Aug-2002 20:36

0.4.3-2 Minor feature enhancements 23-Jul-2002 06:44

0.4.3-1 Minor bugfixes 16-Jul-2002 10:07

0.4.3 Initial freshmeat announcement 15-Jul-2002 08:59

Comments

[»] The perfect IDS spice
by Bill Scherr IV - Aug 1st 2002 13:28:02

This package is perfect for those who are not intimately familiar with packet bits and c source code. The listener is just that, a listener. The responses are there to illicit a further degree of attacker activity without actually running the service. Attackers won't know what they're hitting until they've tipped their hands!

What does this do for you? If you want to understand more about network shenanigans, this will lay bare RPC and FTP attacks. It's in PERL, so if you want more services, grab an RFC and write it! A CAVEAT! If you're running a production network, think long and hard before putting this up! If you are not comfortable that your IDS is showing you everything, don't even think about it! Just say no!!!!

If you are still here, that means you know what xinetd and iptables do, can analyze their settings, and have them working. Open this in a test directory, and check out what it does first! You may have to manually add some rules, or adjust some services. Do it, and enjoy watching the script kiddies bounce off your walls.

--
Bill Scherr IV, GSEC, GCIA EWA / Information & Infrastructure Technologies Colchester, VT

[reply] [top]