Pentbox is a simple honeypot for beginners to use. Honeypots can give you a good
Pentbox is a simple honeypot for beginners to use. Honeypots can give you a good idea of how many people are probing your machine for weaknesses. Without a honeypot, you may not be able to tell if anyone is scanning your machine. Connect to the GUI of the Kali Linux VM in your Maryville Virtual Applications. Open a Terminal prompt Type the following commands and hit enter after each line: cd Downloads/ git clone https://github.com/technicaldada/pentbox.git cd pentbox/ tar -zxvf pentbox.tar.gz cd pentbox-1.8/ sudo ./pentbox.rb You should now be running PentBox. Please select the following options, hitting enter after every line: 2 (Network Tools) 3 (Honeypot) 1 (Automatic Setup) Now open another Terminal window, type in the following command and hit enter: ifconfig Copy your IP address Open a web browser in Kali Paste your IP address in the browser address bar and hit enter. Look back at the pentbox terminal window. Note the logs created from trying to access the web page. Take a screenshot. Explore other modules of the pentbox application. Next, we'll explore another honeypot, cowrie. Take screenshots of your process. Connect to the GUI of the Kali Linux VM in your Maryville Virtual Applications Open a Terminal prompt and type the following commands to install and run docker, hitting enter after each line. sudo apt update sudo apt install -y docker.io sudo systemctl enable docker --now docker Next, run cowrie with docker to run your honeypot: sudo docker run -p 2222:2222 cowrie/cowrie In a new Terminal window, use hydra to run a bruteforce attack against cowrie: hydra -l root -P /usr/share/wordlists/dirb/others/best110.txt -s 2222 -I -w 9 -t 64 localhost ssh Note the passwords found via hydra. Note the logs created in the Terminal window with cowrie. Try some different wordlists and flags in hydra to see how your results vary. How and why is this important from a business mindset? Write an APA-formatted 2-3-page essay about honeypots and their usefulness in cyber deception or PowerPoint Presentation/Infographic (etc) For extra points: 25pts Explore other honeypots and write about your process and results Publish an article on LinkedIn or another medium of your choosing regarding honeypots and cyber deception techniques Create a video walkthrough regarding the implementation and usage of a honeypot and publish it on YouTube. Please tag Maryville University Cyber Fusion Center wherever you publish your content! Email cfc@maryville.edu to let us know to share your artifacts (posts and/or content)!

Leave a Reply

Your email address will not be published.