Kategorien
Cybersecurity

Analyzing Honeypot Data after 2 Weeks

Two weeks ago I started a little experiment and set up the T-Pot honeypot collection on an AWS EC2 instance. This article describes what I’ve learned out analysing the collected data.

Kategorien
Cybersecurity

Setting up T-Pot in AWS Cloud (2020)

What is T-Pot?

T-Pot is a collection of dockerized versions of 18 honeypots (in T-Pot version 20.06) in combination with some powerful tools like the ELK stack for beautiful visualisation of all events captured by T-Pot.

Why is it of interest?

T-Pot is an easy way to collect all kind of information about ongoing cybersecurity threats without the hazzle of setting up a large amount of different systems by your own. The honeypots will pretend to be vulnerable servers and by doing so, invite automated attacks as well as manually hacking attempts.