Question 1

How to install OpenCanary on Ubuntu?

Accepted Answer

Follow the README steps: install Python dependencies with apt, create a virtual environment, and pip install opencanary. Optional extras like Samba and Scapy need separate installation for full module support.

Question 2

OpenCanary vs Thinkst Canary: what's the difference?

Accepted Answer

OpenCanary is the open-source, self-hosted version ideal for customization and learning, while Thinkst Canary is a commercial product with managed services, advanced features, and enterprise support for easier deployment.

Question 3

Does OpenCanary work with Docker?

Accepted Answer

Yes, Docker images are available on Docker Hub, but note that the portscan module is automatically disabled in Dockerized versions due to network constraints, as mentioned in the README.

Question 4

How to configure alerts in OpenCanary?

Accepted Answer

Edit the JSON configuration file (e.g., /etc/opencanaryd/opencanary.conf) to enable alerting modules like email or Slack, and specify details; the README outlines this under configuring protocol modules.

Question 5

Can OpenCanary detect SSH brute force attacks?

Accepted Answer

Yes, if the SSH module is enabled in the configuration, it simulates an SSH server and alerts on login attempts, helping identify credential stuffing or brute force efforts.

Question 6

Is OpenCanary good for cloud environments?

Accepted Answer

Yes, it can run on cloud VMs, but ensure network settings allow the honeypot to be accessible and monitor traffic; however, some features like portscan might require host network access in Docker setups.

OpenCanary

What is OpenCanary?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Open Source Alternative To

Frequently Asked Questions