Shlomi Ruder / W7500-honeypot

Simple Honeypot server based on Wiznet W7500, support 7 different sockets

Dependencies:   HoneyPot SDFileSystem WIZnetInterface mbed-src

Fork of W7500-honeypot by Shlomi Ruder

Honeypot Server Example w7500 Wiznet

Simple example of Honeypot server for detecting unwanted network behaviors over the network and report it to the administrator, for example, when the attacker scan the network and try to detect all the machines and services.

the honeypot is the dark corner of the network, is a place that nobody should visit and if some one does, it's not for legitimate reasons.

Configuration

first setup is define the honeypot server and the master address that will be access to administrator panel,

//honeypot address - static
char ip_addr[] = "192.168.1.111";

//master address - static
char master_addr[] = "192.168.1.6";

char subnet_mask[] = "255.255.255.0";
char gateway_addr[] = "192.168.1.1";

copy the html files inside html folder directly to root folder of the SD card.

Sockets

we can define up to 7 different ports (sockets) for detecting,

  int  ports[7] = {80, 22, 138, 21, 23, 35, 3306};
    
    
    if (!svr.start(ports, 7, master_addr, &eth)) {

        printf("Server not starting !");
        exit(0);
    }
    
    while(1) {
        svr.poll();
    }

Http Response

there is two different modes when setting socket on port 80, one for ordinary users and another for the master of the device.

Visitor

Master