MP-IDS Honeypot

This repository contains the sources of a generic Connector with configuration files to be used in conjunction with the Dionaea honeypot. Furthermore, it contains configuration files for Dionaea to make it send incidents to the Connector.

Dionaea is used to provide a broad artificial attack vector. Whatever input Dionaea records, it gets forwarded to the Connector. The Connector is configured to handle the JSON data Dionaea sends and transforms them into Broker messages. Messages are then sent via Broker to a peered Bro master or slave instance.

Please have a look at the setup of the integration test, if you are interested in how the Connector and Dionaea work together with the other Beemaster components.

Generic Connector

You find all information about using the generic Connector together with Dionaea in the connector folder. The following topics will be discussed:

Dionaea Honeypot

You find all information about using Dionaea in a Docker environment and ready to use configurations in the dionaea folder.

Further Documentation

  • Dionaea: Logs a lot by default.
  • Connector: Does not log by default to a file. (Your start script may log the console output, though.)

License attribution

The dionaea honeypot is licensed under the GPL v2 license (Dionaea License).

Beemaster does solely use the Dionaea Honeypot without any modification of source code. All credits regarding Dionaea belong to the respective creator. Beemaster does not claim to own, modify or redistribute any of the used software components. The applied MIT license only regards the work done during the Beemaster project, including but not limitting to the creation of provided scripts, configuration files and the connector source files.