The Port honeypot module opens fake services on random ports that have no active service running. So the Port honeypot module won’t stop an active service. These fake services mimic open ports so if someone is trying to find an open port to exploit it the IP address will be greylisted.
Configuration
Random ports
In order to manually set how many ports and what ports should be used on the honeypot, you can do it on configuration file: /etc/bitninja/PortHoneypot/config.ini Open this file with any text editor you prefer and edit.
To set a number of the random ports that will be used, add this line:
[random_mines]
random_mines=99
Save the changes and restart the BitNinja
service bitninja restart
Excluding specific ports
To exclude some port, which will never be used by the honeypot, open the same configuration file and find the ports_never_used and add additional lines for each port you want to exclude line. For example:
[ports_never_use]
ports[]=25
Once again, saved the changes and restart the BitNinja.
Set specific ports
In order to configure specific ports to be used open the BitNinja configuration file and navigate to line ports_always_use and define specific ports. Example:
[ports_always_use]
ports[]=11
Save changes and restart the BitNinja service.