Secure Honey is an SSH honeypot written in C. If that makes no sense to you, please read on...
This website is a place for me to log the progress of my final year project at the University of Sussex, the project is being supervised by Dr Martin Berger.
The project aim is to build a honeypot to research cyber-attack techniques; I've named the honeypot "Secure Honey".
A honeypot is defined as: a place to which many people are attracted. In this case I'm trying to attract cyber attackers (or hackers).
Or, In computer terminology: a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems
A honeypot "consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers" (technical definition: Wikipedia).
The idea behind a honeypot is to lure an attacker into believing that they're breaking/hacking into a computer network - but it's actually a trap. The honeypot records the attackers activities and logs it for analysis
For further reading on honeypots see:
My final year project is to Build an SSH Honeypot written in C so I can then research cyber-attack techniques.
An SSH (secure shell) honeypot is designed to look like an SSH server. SSH is used to allow a secure, remote, command-line login between two networked computers (see SSH on Wikipedia).
In other words: SSH allows a computer user to control another computer remotely.
So why am I building the honeypot in C?
C is a powerful system programming language and is one of the most widely used programming languages of all time (see Wikipedia page on the C programming language.)
I've chosen to write my project in C because the SSH server I'm "impersonating" is written in C. By using the same language, I'm hoping to be able to convince attackers that they're connecting to a real SSH server.
My name's Simon Bell, I'm a final year undergraduate student studying Computer Science (BSc) at the University of Sussex, United Kingdom.
Since writing this page I've received a number of concerns from readers stating that Wikipedia is an unreliable source of information. I've added this section to address these concerns and explain why this page references Wikipedia multiple times.
The field of Computer Science and Information Security is constantly evolving on a daily basis and, therefore, many technical definitions can become outdated rather quickly.
Wikipedia is a useful resource for gaining familiarity with topics (Harvard University: "What's Wrong with Wikipedia?"). The purpose if this about page is to provide the reader with a familiarity of technical terms related to the project.
So the references to Wikipedia provided on this page are there to help the reader understand the technical aspects of this project, since Wikipedia is often the most frequently updated source for technical definitions. Also, considering the volume of Wikipedia readers that lookup technical definitions, any errors are likely to be swiftly corrected.
The academic research carried out for this project does not include references to Wikipedia (except for the occasional image URL), as can be seen in the publications section of this website.
Image credit: "Honey jar" by Nic McPhee, flickr.com/photos/nicmcphee/411317929
date range | # attempts |
today | 393 |
yesterday | 194 |
past 7 days | 4,426 |
past 30 days | 17,357 |
all time | 4,114,040 |
password | # attempts |
123456 | 18,562 |
admin | 8,503 |
password | 6,536 |
- | 6,393 |
root | 4,833 |
username | # attempts |
root | 3,927,129 |
admin | 78,772 |
test | 4,046 |
oracle | 3,356 |
nagios | 2,648 |
Stats represent data collected from SSH login attempts on multiple honeypots. Parts of some stats may be filtered to maintain anonymity.
Updated: Tue, 07 Jun 2016 16:33:48 +0000