Question 1

How do I set up Glutton on a Ubuntu server?

Accepted Answer

Installation involves cloning the GitHub repository, building with Go, and configuring iptables rules as per the setup documentation. It requires root privileges and familiarity with Linux networking to redirect traffic properly.

Question 2

Glutton vs Cowrie: which is better for SSH honeypot?

Accepted Answer

Glutton is protocol-agnostic and lightweight, good for intercepting multiple protocols, while Cowrie is a dedicated high-interaction SSH honeypot with deeper emulation. Choose Glutton for broad traffic logging or Cowrie for focused SSH attack analysis.

Question 3

Can Glutton decrypt HTTPS traffic?

Accepted Answer

Glutton can intercept encrypted traffic, but decryption requires additional configuration with TLS keys and custom handlers, as it relies on protocol-specific processing detailed in the extension docs.

Question 4

What are the system requirements for running Glutton?

Accepted Answer

It needs a Linux system with root access, iptables, and Go installed. Resource usage is low, but network bandwidth and storage for logs should be considered based on traffic volume.

Question 5

How to add a custom protocol handler to Glutton?

Accepted Answer

Extend Glutton by writing a Go-based handler following the examples in the documentation. You'll need to integrate it into the architecture to process new protocol traffic.

Question 6

Is Glutton good for production security monitoring?

Accepted Answer

Glutton is best for research and analysis in controlled environments due to its low-interaction design; for production, it may lack real-time response features and could require careful tuning to avoid false positives.

glutton

What is glutton?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions