It’s been a while but thought I would give another quick project a try on one of my Raspberry Pis. I just found a cool project created by a guy, Matt South. Here is a direct link to the project:
This project allows you to turn your Raspberry Pi into a honeypot. You may be asking well what is a honeypot. A honeypot is a system you can setup on your network that will attract potential attackers and will attempt to log their activities. If someone tries to attack your network you can get a notification about it so that you can either log the event or even respond to it.
By following the steps on both the above link and throughout the install process you can relatively easily turn your Raspberry Pi into a honeypot.
The setup is pretty automated and relatively easy but I did run into a few issues/difficulties during the process.
- The setup tells you to create an app password to send alerts via email. From my research if you don’t have 2FA turned on for the account then this step is unnecessary.
- [-] You may just need to add a default logging rule to the
‘filter’ ‘INPUT’ chain on Raspberry Pi. For more information,
see the file “FW_HELP” in the psad sources directory or visit:
- The above item is an error that I got when finishing the setup.
- I tried running a fast port scan using nmap and did not receive an alert.
I will have to do some further work on this and see if I can get it working properly. So far it doesn’t seem to work correctly. I must be missing something as other users/commenters are reporting that it does work properly. I will update this blog when I have fixed some of the issues.