Showing results for 
Search instead for 
Did you mean: 

How to create a "HoneyPot"

Occasional Visitor

How to create a "HoneyPot"

Smithy Needs help!
My boss at Denver Metro College has asked me to create a "honeypot" where I will assign a username like "admin" and a simple password so that someone may try to hack in. He then wants that person to be redirected to a locked down shell like RSH and the ip address to be logged. I have no clue how to use Tru 64 let alone try and create restricted users. I have been doing allot of research and thought I was on the right path up until I found out that the copy of Tru64 we are using doesent have edauth utility.

If someone is willing to give me some tips on how to create this account with/without the edauth utility I would be apprciative.
Victor Semaska
Frequent Advisor

Re: How to create a "HoneyPot"

I'll give this a try:

If you don't have edauth then you probably don't have Enhanced Security enabled so...

man adduser on how to add a user.

In /etc/passwd the last field is the login shell for the account. I'd change it to something else. Maybe a script but I don't know if it'll work.

In /etc/shells that login shell has to be listed. man shells for more details.

For logging the IP address I'd enable auditing if possible. It'll list from where and when in the auditing log.

Hope this helps.