About the project

This project came to life because of my exposure to cyber security risks. In this project I modified existing and running platform called T-pot, a system that runs number of different honey-pots and collects data from each one. T-pot managing and overseeing. T-pot collects all data about cyber security risks that each honey-pot detect, by using specific signs to detect which attack /actions were preformed against our network. T-pot is more learning tool then alerting tool , and that’s why I saw potential . I choose to modify T-pot by creating real time mail alerts when attacker trying to preform bruteforce/dictionary attack on T-pot’s sign-in page. There are many ways to create this functionality ,it took me 4-5 different attempts , each one I read about across the internet, but something was missing each time. I decided to create my own scripts and to use a few method which I learned along the way.

Finally, I created this manual to help you and your organization to have a detection layer which can alert and notify about potential risk ahead. It is crucial to detect malicious behavior as soon as possible to prevent penetration. You can use my scripts which I wrote at the manual and modify them as you wish, this is the base.

This is version 2.0 : An updated version of my manual , I fixed a few critical bugs :

• There was a conflict in ports between Mailoney honeypot and Postfix service - they both run on the same port 25 and it made Tpot system collapse every few minutes.
• I added a few instructions on how to fix a "Network interface fail" error if it occur.

You can connect me using LinkedIn profile link at the cover of this project for any questions.

For more project I created in other fields : OS(operating systems) , Data Structure , System Programming(Object oriented) , projects in Assembly, Python , C & C++ , visit: https://github.com/TDanny/CS_Bsc_Technion-