|
@@ -6,8 +6,7 @@
|
|
|
Building an honeypot "network" with a central instance that aggregates the data collected.
|
|
Building an honeypot "network" with a central instance that aggregates the data collected.
|
|
|
|
|
|
|
|
# Idea:
|
|
# Idea:
|
|
|
-
|
|
|
|
|
-[](/img/20220525_01_maplegrid_honeypot_02.png)
|
|
|
|
|
|
|
+<img src="imgs/20220525_01_maplegrid_honeypot_02.png" width="400">
|
|
|
|
|
|
|
|
The idea is having as many "leaves" as we may so we can sense the "wind" and send everything to a central "trunk" where the info is processed.
|
|
The idea is having as many "leaves" as we may so we can sense the "wind" and send everything to a central "trunk" where the info is processed.
|
|
|
This way we can have our little network of ssh honeypots and do something with the data.
|
|
This way we can have our little network of ssh honeypots and do something with the data.
|
|
@@ -371,7 +370,7 @@ Kibana Dashboard: [kibana_dashboard.njson](/img/20220525_01_maplegrid_honeypot_f
|
|
|
|
|
|
|
|
My dashboard:
|
|
My dashboard:
|
|
|
|
|
|
|
|
-[](/img/20220525_01_maplegrid_honeypot_03.png)
|
|
|
|
|
|
|
+<img src="imgs/20220525_01_maplegrid_honeypot_03.png" width="400">
|
|
|
|
|
|
|
|
This is the data from 1 hour, we can see the ingestion from different "leaves".
|
|
This is the data from 1 hour, we can see the ingestion from different "leaves".
|
|
|
|
|
|
