Setting Up a Honeypot in AWS and Analyzing Cyber Attacks (Check pinned comment for 2022 update)

This is such a sick walkthrough. Thanks so much for sharing it! Would be good to get a guide on setting up VMs in VirtualBox. I did this myself in the end but it was moderately painful :D

alicemary

Yo! Thank you for this. I’m going to make a few tweaks and make a blog post on this.

kwesihenry

Can you make a follow up as to why after shutting down the instance many of us are not able to get back into T-Pot. Appreciate it in advance.

roliramos

PowerShell7 supports ssh btw. Also WSL is a good option.

gkster

IMPORTANT UPDATE: Due to the honeypot github repo being updated you will need to use Debian 11 instead of Debian 10 now when you set up your AWS instance! If you do not do this you might get an error saying Debian buster is not supported.

cybergoldenretriever

I don't get hit with that warning window in order to sign in 21:44

ninagee

I'd just like to interject for a moment. What you're refering to as Linux, is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.

Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called Linux, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project.

There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine's resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called Linux distributions are really distributions of GNU/Linux!

sudaphedz

No matter what I do I keep getting connection refused when trying to SSH into the machine for the first time. It is 2024 so I use Debian 12
1. I checked inbound rules and they are set correctly
2. I tried to connect with another AWS instance and it still would not work
3. I rebooted the instance and it did not work
4. I ensured I had the private key and it confirms I have the right one, still refuses connections

I am at a complete loss. Any help?

Jayohkay

Hey everyone!

I have successfully installed T-Pot whilst connecting to my AWS instance via SSH client (Linux Virtual Machine).

I can access the T-Pot dashboard, however I'm experiencing issues with accessing Kibana.

Can anyone help me or guide me towards fixing this issue? I have my project assignment due shortly, so immediate responses would be very appreciated!

Thank you in advance! :)

ferozhussain

Hello! I literally followed all the steps but when I try to access the web(ip:64297), I get an error: "unable to connect.
Firefox can't establish....".
How do I fix this?

falconspy

Which IDS is used in intrusion detection?

Scotts_

The step at 21:51, seems like I forgot the credentials, I tried a bunch of attempts and now it keeps on saying “unable to connect” and doesn’t prompt me to put in the credentials.

Is there a way to reset the credentials 😭?

handle-

Does everything that’s written in the terminal exactly the same as the terminal in linux virtual machine ?

Scotts_

You set up a honeypot in Tokyo right, but why do you get a usa attacks?

yaswanththavanti

Not able to connnect to port ssh 64295

partha

When i wanted to clone from github, it asked for username and password and then fails to clone. Could someone please help.

Scotts_

Hi, I'm getting the error, Sorry Debian Buster is not supported please help. I followed all the same steps

talishgarg