Assignment set up a honeypot virtual machine:Download the T-Pot ISO file called...

Question

Assignment set up a honeypot virtual machine:

Download the T-Pot ISO file called tpot_amd64.iso
(reference link below). Then, create a new VM with at least 20GB of
storage in your local Virtual Box installation and install T-Pot
(standalone installation). Remember to assign the ISO file to the
optical drive.

GitHub project page:
https://github.com/telekom-security/tpotce/releases

Installation:
https://github.security.telekom.com/2015/03/honeypot-tpot-concept.html#installation

Use a NAT adapter during the installation. When finished, change it
to Internal. Configure the Virtual Box adapter and the network
interface in T-Pot so that you can communicate from your Kali Linux
VM. Show that a ping works both ways.

Open the browser in Kali and access the web administration dashboard
in https://IP_T-POT:64294. Once you login with tsec,
capture a screenshot of the overview.

Access by SSH is restricted to only exchanged keys. Hence, the next
step is to copy your Kali’s public key into the file
~/.ssh/authorized_keys (in
tsec’s home), which does not
exist by default. To do it, you can use the “Terminal” option in
the administration dashboard or allow copying and pasting through
VMs in Virtual Box. Capture a screenshot of the command “cat
~/.ssh/authorized_keys”.

In Kali, execute the command below (adapted to your settings) to
create a tunnel, because the T-Pot dashboard is only listening
locally.

ssh -p XXXXXXXXXXl USER -N
-L8080: XXXXXXXXXX:64297 IP_T-POT

Then, access the dashboard from Kali with https://localhost:8080 and
capture a screenshot.

Note: the ssh tunnel might drop eventually, so just create it again
if needed.

Check that the attack map is empty and capture a screenshot.

Perform a brute-force attack with nmap against the port 22, where
the SSH honeypot is. You will need to use the scripting engine
(NSE). What command did you use?

Note: there are wordlists you can use in
/usr/share/wordlists/metasploit.

Check the SecurityMeter. Explain what information is shown.

If you intended to use T-Pot for research purposes capturing
information about new trends, what your advice would be regarding
where to install the machine, what IP address to use and whether a
firewall should be placed before the honeypots?

My email: XXXXXXXXXX

Naveen Kumar · Accepted Answer

1. Use a NAT adapter during the installation. When finished, change it to Internal. Configure the Virtual Box adapter and the network interface in T-Pot so that you can communicate from your Kali Linux VM. Show that a ping works both ways.
Kali Operating system ether interface is directly connected to external network through NAT ip 202.173.124.142.
Ping to external network
PC to Kali system (T-Pot)
Kali Linux (T-Pot) to PC
T-Pot installation Procedure:
#apt update 
# apt upgrade -y
#apt install git
Download and install tpotce
Clone the repository and enter it.
#git clone https://github.com/telekom-security/tpotce
To enter the tpot drive
#cd tpotce
Run makeiso.sh to build the ISO image. The script will download and install dependencies necessary to build the image
#sudo ./makeiso.sh
Post-Install Auto 
cp tpot.conf.dist tpot.conf ./install.sh --type=auto --conf=tpot.conf
to edit the default username and password
#cd /root/tpot.conf
#nano tpot-conf
Here change the username --- admin
and 		password -- admin
to install the  T-Pot
#mv tpot.conf ../
#./ install.sh –conf==/root.tpot.conf
To see, what services are running,
2. Open the browser in Kali and access the web administration dashboard in https://IP_T-POT:64294. Once you login with tsec,

Answer To This Question Is Available To Download

Assignment set up a honeypot virtual machine: Download the T-Pot ISO file called tpot_amd64.iso (reference link below). Then, create a new VM with at least 20GB of storage in your local Virtual Box...

Solution

Related Questions & Answers

Submit New Assignment