You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello. I have the following situation.
I setup a docker container that uses the ftp service of the honeypot . I login to the ftp honeypot and try to perform some actions .
First I do an mkdir FOO that works as expected. After that I do an ls command that returns a 425 data connection failed. After some digging I found out that the honeytrap tries to open an active socket which fails if the honeytrap is containerized (happens both in docker and kubernetes).
Is there a way to configure honeytrap to start as a passive server instead?
The text was updated successfully, but these errors were encountered:
@sammynx . I am out of the office and will try it tomorrow.However I am concerned about the following scenario. Assuming I wanna capture suspicious files that an attacker wants to upload to my ftp service. How will the attacker know they have to use PASV first? I am looking for a way to make this process as transparent as possible for the end users.
Thank you very much for all the work you have put here in the honeytrap
Hello. I have the following situation.
I setup a docker container that uses the ftp service of the honeypot . I login to the ftp honeypot and try to perform some actions .
First I do an
mkdir FOO
that works as expected. After that I do an ls command that returns a 425 data connection failed. After some digging I found out that the honeytrap tries to open an active socket which fails if the honeytrap is containerized (happens both in docker and kubernetes).Is there a way to configure honeytrap to start as a passive server instead?
The text was updated successfully, but these errors were encountered: