Re: fake daemons, honeypots?

To: "Jeremy C. Reed" <reed%reedmedia.net@localhost>
Subject: Re: fake daemons, honeypots?
From: tlaronde%kergis.com@localhost
Date: Thu, 18 Jan 2024 09:52:19 +0100

On Wed, Jan 17, 2024 at 08:29:12PM +0000, Jeremy C. Reed wrote:
> Any suggestions for fake daemons to use to see scanners or malicious 
> connections?
> Maybe some services I can run via inetd?
> They don't need to actually attempt user authentication,
> so just some that have greeting banners as appropriate to initiate use.
> 
> I was looking for fake telnetd, imapd, ftpd for example.

You can probably do it with inetd builtins. See usr.sbin/inetd/inetd.c:/biltin
(FWIW, there is a reworked inetd version here, but for "biltin"s the
version is the same:

https://github.com/tlaronde/BeSiDe

that is current NetBSD plus some modifications/additions of my own).
-- 
        Thierry Laronde <tlaronde +AT+ kergis +dot+ com>
                     http://www.kergis.com/
                    http://kertex.kergis.com/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C

References:
- fake daemons, honeypots?
  - From: Jeremy C. Reed

Prev by Date: Re: WireGuard setup in NetBSD 10
Next by Date: Re: WireGuard setup in NetBSD 10
Previous by Thread: fake daemons, honeypots?
Next by Thread: WireGuard setup in NetBSD 10
Indexes:

Home | Main Index | Thread Index | Old Index