this post was submitted on 14 May 2024
0 points (50.0% liked)

homelab

6612 readers
1 users here now

founded 4 years ago
MODERATORS
0
Homelab Honeypot (lemmy.world)
submitted 6 months ago* (last edited 6 months ago) by root@lemmy.world to c/homelab@lemmy.ml
 

I recently installed an instance of TPot Honeypot, and it looks and feels pretty fantastic.

I haven't opened it up to the whole world, because my goal here was to just have the same ports I expose for my personal projects (game server, matrix chat, wireguard, etc) be exposed to it.

I know this project is a bit overkill for this use case, since it comes with a ton of honeypots that I'm not using, and that I'm essentially trying to make a fancy IDS, however I have a couple questions.

  1. Is it possible to add custom ports for honeypots that aren't included in the project? For example, if I have a game running on port 4567 and there is no honeypot for that, I won't see any activity.

  2. Is there another (perhaps lighter) Honeypot that you guys would recommend?

Edit: I guess disregard. I realize now that I can't have honeypots running on the same ports as the services in which I'm wanting to monitor. Port forwarding from WAN to multiple devices using the same port won't work

top 2 comments
sorted by: hot top controversial new old
[โ€“] ikidd@lemmy.world 2 points 6 months ago* (last edited 6 months ago)

The T-Pot installation needs at least 8-16 GB RAM, 128 GB free disk space

Good lord.

And fuck curl-bash script installers.

[โ€“] scottmeme@sh.itjust.works 1 points 6 months ago

HOLY SHIT! That's a long ass docker compose