Docker-based high-interaction honeypot
vi /etc/ssh/sshd_config
Port 2222
restart sshd
sudo apt-get install xinetd
sudo apt-get install socat
cp scripts/honeypot /usr/bin/honeypot
cp xinetd/honeypot /etc/xinetd.d/honeypot
vi /etc/services
honeypot 22/tcp
restart xinetd
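A post-install check for the host steps above, as an added example (not one of the honeypot project's own scripts). The function name check_honeypot_host and its ROOT argument are assumptions; the ports and paths are the ones used in the steps.

```shell
#!/bin/sh
# Added example, not part of the project. check_honeypot_host is a
# hypothetical name. Usage on the live host:  check_honeypot_host /
# ROOT is a filesystem prefix so a staged copy can be checked as well.
check_honeypot_host() {
    root="${1%/}"
    rc=0

    # sshd_config keywords are case-insensitive. Several Port lines make sshd
    # listen on all of them; no Port line at all means the default, 22.
    # Only the main file is read; Include'd files are not followed.
    ports=$(awk 'tolower($1) == "port" { print $2 }' \
        "$root/etc/ssh/sshd_config" 2>/dev/null | sort -u | tr '\n' ' ')
    ports="${ports% }"
    [ -n "$ports" ] || ports=22
    if [ "$ports" != "2222" ]; then
        echo "FAIL sshd_config: sshd port(s) '$ports', expected only 2222"
        rc=1
    fi

    # xinetd looks the service name up in /etc/services to find its port.
    if ! awk '$1 == "honeypot" && $2 == "22/tcp" { ok = 1 } END { exit !ok }' \
        "$root/etc/services" 2>/dev/null; then
        echo "FAIL /etc/services: no 'honeypot 22/tcp' entry"
        rc=1
    fi

    [ -x "$root/usr/bin/honeypot" ] ||
        { echo "FAIL /usr/bin/honeypot: missing or not executable"; rc=1; }
    [ -f "$root/etc/xinetd.d/honeypot" ] ||
        { echo "FAIL /etc/xinetd.d/honeypot: missing"; rc=1; }

    [ "$rc" -eq 0 ] && echo "OK host configuration matches the steps above"
    return "$rc"
}
```

A leftover "Port 22" line next to "Port 2222" is reported as a failure, because sshd would then still hold port 22 and real SSH, not the honeypot, would answer there.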
There are two versions of the terminal session recorder, Showterm and Asciinema; choose whichever you like :)
cd honeyterm_asciinema
make
make build
cd honeyterm
make
make build
$ ssh guest@[IP/Domain Name]
The default password is "honeypot".
Type some commands there, then log out.
You can now use $ sudo docker exec -it {Your_Container} bash to log in without your commands being recorded.
All records are saved in /tmp.
If you choose honeyterm_asciinema, "getAsciinema.sh" can copy Asciinema's JSON files and login information files from all containers.
You can add honeypot.clean to crontab; it cleans up containers and backs up logs in /var/log/honeypot.