Create a Honeypot on Kali Linux with Pentbox

With the help of honeypot, you can easily monitor your operating system and monitor any hacker activity or you can say that it is the best way to hack the hacker himself.

Every large company already uses smart honeypots in its backend such as Google, Facebook and Microsoft.

In fact they want to track all the activities of all the users and if they find illegal or malicious activity then honeypot has the ability to immediately block the dangerous IP address.

Types of Honeypots

Honeypots can be categorized in two ways, based on development and design criteria.

a) Basis of development

  • Production Honeypot
  • Research Honeypot

b) Basis of design criteria

  • Pure Honeypot
  • High-Interaction Honeypot
  • Low-Interaction Honeypot

How to set up a honeypot on  Linux

As you all know, Kali Linux is one of the most popular pentesting features with over 600+ built-in hacking / attacking tools pre-installed.

To install honeypot on a computer running Kali Linux, you need to download and install Pentbox, the which you can easily find through it Github repository.

Mandate: git clone

Once downloaded, you can simply run pentbox by typing ” ./pentbox.rb ”Inside the pentbox-1.8 folder.

As you can see, it will display 7-8 options, which you can easily perform as follows:

  1. Cryptography tools
  2. Network tools
  3. Web
  4. IP Grabber
  5. IP geographical location
  6. Mass attack

To use the Cryptography Tools, just enter " 1 "And will display 4 other options such as" Base64 Encoder / Decoder "," Multi-Digest "," Hash Password Cracker " and " Secure Password Generator ".

You can use any of the options according to your needs.

We now have Network Tools in option no. 2 through which you can perform ” Net Dos Tester "," TCP port scanner "," Honeypot "," Fuzzer "," DNS and Host gathering" and " Mac address geolocation ".

To use the honeypot, just type " 3 At your terminal.

Now you can see that there are two options through which you can configure your honeypot.

  • a) Fast automatic configuration
  • b) Manual configuration (for advanced users)

Μπορείτε να ορίσετε οποιαδήποτε από τις επιλογές, αλλά για τους αρχάριους χρήστες, προτείνεται η επιλογή της Γρήγορης αυτόματης διαμόρφωσης. Όπως μπορείτε να δείτε, το honeypot ξεκινά στο παραπάνω στιγμιότυπο s.

Your honeypot will only monitor all activity on the PORT 80, but if you want to monitor some activity on another port, you can select the second Manual configuration option.

Port 80 means, when someone opens your IP / Host in their browser, then they will immediately record this request and display all possible information of this request as shown below:

The information you can see:

  • IP address
  • Details of its operating system
  • browser
  • various other information

Under the same network tools, there are also some interesting options such as " Net Dos Tester Through which you can easily DOS someone with SYN and TCP flood attacks. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new by email.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).