HoneyDB Agent
HoneyDB Agent
by HoneyDB

VERSION Latest

OS Debian 9

Create HoneyDB Agent Droplet

Description

The HoneyDB Agent is a low-to-medium interaction honeypot for security purposes, that supports emulation of common TCP and UDP network services. The HoneyDB Agent can be configured to send captured honeypot data to the HoneyDB web site - a community-driven honeypot data collection and aggregation security service. Using the HoneyDB Threat Info RESTful API, you can download your honeypot data and/or all community contributed honeypot data to help defend your applications and network. Common network service emulation includes FTP, Telnet, SSH, DNS, MySQL, and more. Learn more about the HoneyDB Agent at https://honeydb-agent-docs.readthedocs.io/en/latest/. Learn more about the HoneyDB API at https://riskdiscovery.com/honeydb/threats.

HoneyDB Agent on DigitalOcean demo agent

Software Included

PackageVersionLicense
honeydb-agentlatestCustom

Getting started after deploying HoneyDB Agent

After you create a HoneyDB Agent One-Click Droplet, the HoneyDB Agent (honeydb-agent) will be installed. The next step is to SSH into the Droplet to configure and start the honeydb-agent service. The first time you SSH into the Droplet you will be prompted to configure honeydb-agent by entering your agent keys. Agent keys can be generated and retrieved by creating a free account at HoneyDB.io. Once you've entered the agent keys into the prompt the honeydb-agent service will start.

For more information on agent configuration, visit HoneyDB Agent Docs.

Note: You can continue to use port 22 (SSH) to access the Droplet. However, if you want to make port 22 (SSH) a honeypot service you'll need to configure your SSH service to listen on a different port and then configure honeydb-agent to listen on port 22 (by default honeydb-agent uses port 2222 to emulate SSH).

API Creation

In addition to creating a Droplet from the HoneyDB Agent 1-Click App via the control panel, you can also use the DigitalOcean API.

As an example, to create a 4GB HoneyDB Agent Droplet in the SFO2 region, you can use the following curl command. You’ll need to either save your API access token to an environment variable or substitute it into the command below.


  curl -X POST -H 'Content-Type: application/json' \
       -H 'Authorization: Bearer '$TOKEN'' -d \
      '{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image":"honeydbagent-9"}' \
      "https://api.digitalocean.com/v2/droplets"
      

Support Details

Supported By:HoneyDB
Support URL:https://riskdiscovery.com/honeydb/about

Learn More

Product Docs

Technical overviews, how-tos, release notes, and support material

Tutorials

DevOps and development guidelines

API Docs

Run your resources programmatically

Ask a question

Connect, share and learn