Honeypots on Servers!
Below are a series of hotlinks and short descriptions of honeypots that can be setup to monitor a server.
Slipm-honeypot – ( Rshipp. (2017) rshipp/slipm-honeypot: A simple low-interaction port monitoring honeypot. Retrieved April 21, 2017, from https://github.com/rshipp/slipm-honeypot)
HoneyWRT -“ HoneyWRT is a low interaction Python honeypot that is designed to mimic services or ports that might get targeted by attackers.”( Canadianjeff. (2017) CanadianJeff/honeywrt. Retrieved April 21, 2017, from https://github.com/CanadianJeff/honeywrt)
HonTel-“ HonTel is a Honeypot for Telnet service.”( Stamparm. (2017) stamparm/hontel: Telnet Honeypot. Retrieved April 21, 2017, from https://github.com/stamparm/hontel)
MTPot – (Cymmetria. (2017) Cymmetria/MTPot: Open Source Telnet Honeypot. Retrieved April 21, 2017, from https://github.com/Cymmetria/MTPot)
StrutsHoneypot – “ StrutsHoneypot is an Apache 2 based honeypot that includes a seperate detection module (apache mod) for Apache 2 servers that detects and/or blocks the sturts CVE 2017-5638 exploit.”( Cymmetria. (2017) Cymmetria/StrutsHoneypot. Retrieved April 21, 2017, from https://github.com/Cymmetria/StrutsHoneypot)
Heralding – (Johnnykv. (2017) johnnykv/heralding: Credentials catching honeypot. Retrieved April 21, 2017, from https://github.com/johnnykv/heralding)
VNC-Lowpot – ( Magisterquis. (2017) magisterquis/vnclowpot: Low-interaction VNC honeypot with a static challenge. Retrieved April 21, 2017, from https://github.com/magisterquis/vnclowpot)
SIREN – ( Blaverick62. (2017) blaverick62/SIREN: Semi-Intelligent HoneyPot Network – Semi-Intelligent Reactive Environment Network. Retrieved April 21, 2017, from https://github.com/blaverick62/SIREN)
Telnetlogger – ( Robertdavidgraham. (2017) robertdavidgraham/telnetlogger: Simulates enough of a Telnet connection in order to log failed login attempts. Retrieved April 21, 2017, from https://github.com/robertdavidgraham/telnetlogger)