Question 1

Is OWASP Honeypot safe to run on a production network?

Accepted Answer

No, the README explicitly warns against using it on servers with sensitive data due to its experimental nature and potential errors. It's designed for isolated lab environments to minimize risks to production systems.

Question 2

How to set up OWASP Honeypot on Ubuntu?

Accepted Answer

Install Docker and Python dependencies, clone the repository, and use commands like 'python ohp.py' with module flags. However, detailed guides are sparse in the README, so refer to the wiki for step-by-step instructions, but expect potential issues.

Question 3

OWASP Honeypot vs Cowrie for SSH honeypots?

Accepted Answer

Cowrie is a mature, dedicated SSH honeypot with extensive logging and interaction features. OWASP Honeypot offers a multi-protocol framework but is less stable and focused; choose Cowrie for reliable SSH emulation and OWASP for experimental, broader setups.

Question 4

Can OWASP Honeypot log attacks to a database other than ElasticSearch?

Accepted Answer

The README emphasizes ElasticSearch integration for data storage and indexing, but the API might allow custom exports. Out-of-the-box support for other databases is limited, requiring additional development for integration.

Question 5

What are the system requirements for running OWASP Honeypot?

Accepted Answer

It requires Python 3.x, Docker, and ElasticSearch for full functionality, tested on Linux and Mac OS. Ensure sufficient resources for containerized services, but performance may vary due to its developmental state.

Question 6

How to customize the weak passwords in OWASP Honeypot?

Accepted Answer

Configuration is likely through module files or command-line arguments; check the wiki or source code for specifics, but documentation is limited, so you may need to experiment or modify Python scripts directly.

Python-Honeypot

What is Python-Honeypot?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions