HoneyDB Agent
HoneyDB Agent
by HoneyDB

Version Latest

OS Debian 9

MONITORING

Description

The HoneyDB Agent is a low-to-medium interaction honeypot for security purposes, that supports emulation of common TCP and UDP network services. The HoneyDB Agent can be configured to send captured honeypot data to the HoneyDB web site - a community-driven honeypot data collection and aggregation security service. Using the HoneyDB Threat Info RESTful API, you can download your honeypot data and/or all community contributed honeypot data to help defend your applications and network. Common network service emulation includes FTP, Telnet, SSH, DNS, MySQL, and more. Learn more about the HoneyDB Agent at https://honeydb-agent-docs.readthedocs.io/en/latest/. Learn more about the HoneyDB API at https://riskdiscovery.com/honeydb/threats.

HoneyDB Agent on DigitalOcean demo agent

Software Included

Getting started after deploying HoneyDB Agent

After you create a HoneyDB Agent One-Click Droplet, the HoneyDB Agent (honeydb-agent) will be installed. The next step is to SSH into the Droplet to configure and start the honeydb-agent service. The first time you SSH into the Droplet you will be prompted to configure honeydb-agent by entering your agent keys. Agent keys can be generated and retrieved by creating a free account at HoneyDB.io. Once you've entered the agent keys into the prompt the honeydb-agent service will start.

For more information on agent configuration, visit HoneyDB Agent Docs.

Note: You can continue to use port 22 (SSH) to access the Droplet. However, if you want to make port 22 (SSH) a honeypot service you'll need to configure your SSH service to listen on a different port and then configure honeydb-agent to listen on port 22 (by default honeydb-agent uses port 2222 to emulate SSH).

API Creation

In addition to creating a Droplet from the HoneyDB Agent 1-Click App via the control panel, you can also use the DigitalOcean API.

As an example, to create a 4GB HoneyDB Agent Droplet in the SFO2 region, you can use the following curl command. You’ll need to either save your API access token to an environment variable or substitute it into the command below.


  curl -X POST -H 'Content-Type: application/json' \
       -H 'Authorization: Bearer '$TOKEN'' -d \
      '{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image":"honeydbagent-9"}' \
      "https://api.digitalocean.com/v2/droplets"
      

Support Details

Supported By:HoneyDB
Support URL:https://riskdiscovery.com/honeydb/about

More DigitalOcean Links

DigitalOcean Community

Developers supporting developers

Ask a Question

Ask anything related to system administration, programming, devops, open source, or the DigitalOcean platform.

List your 1-Click App in the DigitalOcean Marketplace

Partner with us to build traction for your open source project or software company