Limiting visibility/(trying to make it look less like a honeypot) #1141
Replies: 1 comment 3 replies
-
|
Is there already a solution for this? Got the same situation now. |
Beta Was this translation helpful? Give feedback.
-
|
i never got any responses.. i've been just commenting out many of the HP's in the docker file to limit what is exposed. i dont know if this is the best approach or not |
Beta Was this translation helpful? Give feedback.
-
|
Can you show me what you exactly have been commenting out in de docker file? Because it doesn't seem to work properly by me. |
Beta Was this translation helpful? Give feedback.
-
|
I think I ran into or found one on a map when looking for a business IDK seems if located far from targeted audience then reference points or markers are difficult for them to identify or find your bobber in the water I'm new and don't know correct terms |
Beta Was this translation helpful? Give feedback.
-
hi, i'm not sure what the right terminology would be.. but what i'd like to do is "turn off" some of the tpot honeypots so they all aren't running.. so its not as obvious as a honeypot.
For example, I'd like to mimic a small business:
So i might only want, RDP, SFTP,SSH, Suricata running.
do i just need to comment out the rest of the honeypots in the tpot.yml? do i need to modify a firewall or any other configuration files? What would be the best approach to this?
what would be a good small business scenario/build?
any suggestions would be appreciated
Beta Was this translation helpful? Give feedback.
All reactions