Dockpot
Tool and Usage
Project details
- Programming language
- Python
- Author
- Ahmad Aabed
- Latest release
- No release found
- Latest release date
- Unknown
Project health
Links
 | GitHub project |
Why this tool?
Using an SSH honeypot is a good way to learn about common attacks on the SSH service. It can provide insights on the number of scans and probes on the network.
How it works
Dockpot created a Docker container and uses NAT to send SSH connections to it. When the container is no longer used, it destroys the container. When new traffic is coming in, a fresh container is created. Dockpot uses HonSSH, which is its turn is based on the work of the Kippo honeypot.
Usage and audience
Dockpot is commonly used for learning or threat discovery. Target users for this tool are security professionals and system administrators.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
Strengths
- + The source code of this software is available
Weaknesses
- - No releases on GitHub available
Installation
Supported operating systems
Dockpot is known to work on Linux.
Dependencies
Several dependencies are required to use Dockpot.
- MySQL
- PAM
- Twisted
- docker-py
- pillow
- pyasn1
- pycrypto
Dockpot alternatives
Similar tools to Dockpot:
Cowrie
Cowrie is a honeypot to emulate SSH and telnet services. It can be used to learn attack methods and as an additional layer for security monitoring.
HonSSH
HonSSH is a high-interaction SSH honeypot to collect information about attackers that target the SSH service.
SSH Honeypot
SSH Honeypot is as the name implies a honeypot to emulate the SSH service. It can be used to learn about threats and commands used by attackers.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
Categories
This tool is categorized as a SSH honeypot and honeypot.