"Know your enemy" is a motto that should guide us in developing the defensive capabilities of security teams, and a honeypot network definitely has a lot of value here.
During the lecture, I will try to present the uses and capabilities of open source honeypot solutions. We will talk about single projects imitating real services (DNS, SMB, SSH, SCP/SFTP, FTP, telnet, HTTP, TFTP, MySQL/MSSQL, RDP and many others), reverse proxy honeypot content injection into web applications, and attacking attackers, ending with dedicated platforms with a built-in ELK stack.