The sys admin's daily grind: Glastopf
Hey, Honey
Good traps catch mice, and honeypots catch malicious scripts. Sys admin Charly resorts to a honeypot in this issue, which, although difficult to install, is easy to manage.
A honeypot is a service that runs on a server and simulates an insecure or incorrect configuration. The idea is to attract attackers with a supposedly vulnerable service and observe their intrusion attempts.
Glastopf [1] is such a honeypot, written in Python. It pretends to be a web server with a hugely vulnerable configuration. Unfortunately, most major distributions do not include a package for Glastopf. This prompted me to post a detailed installation guide as an Open Document text [2].
Raspberry Honey
After installation – in my case on a Raspberry Pi – the following command starts the server in the foreground:
[...]
Buy this article as PDF
(incl. VAT)