This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Hugo_vd_Kooij
Advisor
‎2018-11-23 04:08 AM

Honeypot

For those of you who want to play a bit more with the various blades I recommend you create an isolated network on your (test) firewall. On it you can install T-Pot as honeypot farm.

Then start by natting unused IP addresses to your honeypot farm and allow all traffic to hit the honeypot.

Most interresting is to see the differences in hits per day between Threat prevention in detect mode and in blocking mode.

Also once you have it open for a few days have a look at shodan.io and see how they start to map your honeypot for you. That in turn propably results in more traffic.

T-Pot results

I have few IP's leading to this honeypot and they get hit from all over the globe:

World map

T-Pot is a breeze to install and so much fun to bait. This way you can have more fun with your (test) firewall.

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
0 Replies

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events