Arpad Krejczinger
471659a95a
- config/systemd/ssh-honeypot.service: Systemd service for port 22 honeypot - config/honeypot/response.sh: Response script that logs connections and sends fake SSH banner - Both files include deployment instructions and setup commands
20 lines
607 B
Bash
20 lines
607 B
Bash
#!/bin/bash
|
|
# SSH Honeypot Response Script
|
|
# Deploy to: /opt/honeypot/response.sh
|
|
#
|
|
# Setup commands:
|
|
# sudo mkdir -p /opt/honeypot
|
|
# sudo cp config/honeypot/response.sh /opt/honeypot/
|
|
# sudo chmod +x /opt/honeypot/response.sh
|
|
# sudo touch /var/log/honeypot.log
|
|
# sudo chmod 644 /var/log/honeypot.log
|
|
|
|
# Log connection with timestamp and client IP
|
|
CLIENT_IP=${NCAT_REMOTE_ADDR:-unknown}
|
|
echo "$(date): SSH honeypot connection from $CLIENT_IP" >> /var/log/honeypot.log
|
|
|
|
# Send fake SSH banner to make it look like OpenSSH
|
|
echo "SSH-2.0-OpenSSH_8.9"
|
|
|
|
# Brief delay before closing connection
|
|
sleep 2 |