How to Create a honeypot to trap the hacker

HoneyPot (To Check intrusion Detection )

Aim-: It’s a sacrificial computer system that’s intended to attract cyberattacks, like a decoy. It mimics a target for hackers and uses their intrusion attempts to gain information about cyber criminals and the way they are operating or to distract them from other targets.

Steps-:

1.) You have to Create one Repository on Github in the ruby language

2.) You have to give an option in that repository about Network Tools

3.) In that Network Tool option tool, you have to give the option of honeypot

4.) And then in the honeypot, you have to give 2 option

→1 is fast auto-configuration

→ 2nd is manual configuration

5.) Then based on the option like if someone selects fast Auto Configuration then you have to use logic while writing code which enables port 80.

6.) If someone wants to do manual configuration then you have to provide an option to do the thing custom

Actual workflow-:

1.) Click on this https://cutt.ly/bcPJ900 link to get the repository

2.) Now click on the code and copy the whole line written there

3.) Open your terminal in the machine (whether you are using kali Linux or you use parrot os)

4.) After terminal type, the below command to came on desktop

è cd Desktop

5.) To deploy this pentbox (honeypot) type the below command

è git clone https://github.com/technicaldada/pentbox.git

6.) As the deployment of the tool is done you have to go inside the folder and have to unzip it to the folder name “pentbox tar gz”.

Follow the below command to do that

→ cd pentbox

→ tar -zxvf pentbox.tar.gz

After typing of above two command whole unzipping will start and look like the above-shared file

7.) Now you have to check the availability of the folder by simply typing the command “ls” then you can see the presence of file “pentbox-1.8”

→ls

→cd paentbox-1.8

→ ls

8.)

Go inside the file name “paintbox-1.8”

9.) Now simply type the below command

è Sudo ./pentbox.rb

è After typing the below command it will be going to ask you password, you enter the same password you have given while logging in into your system

10.) Below screen will appear in front of you now you to go process by process.

1>

Select option 2 Network tools

2>

now you have to select option “3 honeypots “

ls

3>

you will be going to get select an option select “1 Fast Auto Configuration” and then the message will be going to appear “HONEYPOT ACTIVATED ON PORT 80 (TIME)”

4> Now you have to open browse in the same machine or a different machine (we have taken the example of the same machine )

5>

So first check the IP of your machine by typing the command “ifconfig in your terminal”

Like here we get IP of our machine is 192.168.60.131 (it might be changed in your machine)

6> Now Open the web browser and type the same IP there 192.168.60.131

11.) Lastly, come back again to your terminal where you had selected fast auto-configuration there you can see the intrusion detection activities and hackers can not go beyond this option.

So the information and details you got like “INTRUSION ATTEMPT DETECTED”

Whole Process video link you can find below I have created a practical demonstration and also uploaded it on youtube so that you can watch this anytime (it also includes manual configuration )

Video link -: https://youtu.be/msOcPOqs4u4