1. 简介
蜜罐 技术本质上是一种对攻击方进行欺骗的技术,通过布置一些作为诱饵的主机、网络服务 或者信息,诱使攻击方对它们实施攻击,从而可以对攻击行为进行捕获 和分析,了解攻击方所使用的工具与方法,推测攻击意图和动机,能够让防御方清晰地了解他们所面对的安全威胁,并通过技术和管理手段来增强实际系统的安全防护能力。2. 下载
https://hfish.net/#/ 2. 安装
mkdir /usr/local/share/hfish
tar zxvf hfish-3.0.1-linux-amd64.tgz -C /usr/local/share/hfish
cd /usr/local/share/hfish/
./install.sh3. 登录
登陆链接:https://[ip]:4433/web/
账号:admin
密码:HFish20214. 安装后监听的端口
5. 测试
以22端口为例登录测试
┌──(kali㉿kali)-[~]
└─$ ssh root@192.168.83.128
The authenticity of host '192.168.83.128 (192.168.83.128)' can't be established.
RSA key fingerprint is SHA256:L/ikqThmxpYfFEOl+nc9xbmZhoN6osm0zbyB91nQSwM.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.83.128' (RSA) to the list of known hosts.
root@192.168.83.128's password:
Received disconnect from 192.168.83.128 port 22:2: too many authentication failures
Disconnected from 192.168.83.128 port 22
┌──(kali㉿kali)-[~]攻击检测:
6.手册
https://hfish.net/#/README
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。