Hontel – Telnet Honeypot

0
4
Hontel - Telnet Honeypot

HonTel is a Honeypot for Telnet service. Basically, it’s a Python v2.x utility emulating the service contained in the chroot surroundings. Originally it has been designed to be run contained in the Ubuntu surroundings, although it may very well be simply tailored to run inside any Linux surroundings.

Documentation:

Setting the surroundings and operating the appliance requires intermmediate Linux administration data. The entire deployment course of could be discovered “step-by-step” contained in the deploy.txt file. Configuration settings could be discovered and modified contained in the hontel.py itself. For instance, authentication credentials could be modified from default root:123456 to some arbitrary values (choices AUTH_USERNAME and AUTH_PASSWORD), customized Welcome message could be modified from default (choice WELCOME), customized hostname (choice FAKE_HOSTNAME), structure (choice FAKE_ARCHITECTURE), location of log file (contained in the chroot surroundings) containing all telnet instructions (choice LOG_PATH), location of downloaded binary information dropped by linked customers (choice SAMPLES_DIR), and so forth.

Note: Some botnets are likely to delete the information from compromised hosts (e.g. /bin/bash) with a purpose to harden itself from potential makes an attempt of cleansing and/or makes an attempt of set up coming from different (concurent) botnets. In such instances both the entire chroot surroundings needs to be reinstalled or host listing the place the chroot listing resides (e.g. /srv/chroot/) must be recovered from the beforehand saved backup (really useful).

MoreTip.com

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.