How to set up Port honeypot?

  1. Home
  2. Knowledge Base
  3. Security & Abuse
  4. BitNinja
  5. How to set up Port honeypot?

The Port honeypot module opens fake services on random ports that have no active service running. So the Port honeypot module won’t stop an active service. These fake services mimic open ports so if someone is trying to find an open port to exploit it the IP address will be greylisted.

Configuration

Random ports

In order to manually set how many ports and what ports should be used on the honeypot, you can do it on configuration file: /etc/bitninja/PortHoneypot/config.ini Open this file with any text editor you prefer and edit.

To set a number of the random ports that will be used, add this line:

[random_mines]
random_mines=99

Save the changes and restart the BitNinja

service bitninja restart

Excluding specific ports

To exclude some port, which will never be used by the honeypot, open the same configuration file and find the ports_never_used and add additional lines for each port you want to exclude line. For example:

[ports_never_use]
ports[]=25

Once again, saved the changes and restart the BitNinja.

Set specific ports

In order to configure specific ports to be used open the BitNinja configuration file and navigate to line ports_always_use and define specific ports. Example:

[ports_always_use]
ports[]=11

Save changes and restart the BitNinja service.

Was this article helpful?

Related Articles