Just posting this new honeypotting project, called Modern Honey Network (MHN), here as a reference… It is great to see open efforts like this project that make it easier for organizations to learn more about their adversaries.
Most groups do not take advantage of such opportunities through and hopefully MHN will lower the barrier to entry and make us better defenders as an industry. Be forewarned though. Legal issues abound if you’re not careful.
For more information on these and other honeypots, see our previous Honeypots 101 post.
Researchers have built a free open-source honeypot software program aimed at propelling the hacker decoys into security weapons for everyday organizations.
The Modern Honey Network (MHN) software, created by the Google Ventures-backed startup ThreatStream, automates much of the process of setting up and monitoring honeypots, as well as gleaning threat intelligence from them. An API allows it to integrate with IDSes, IPSes, application-layer firewalls, SIEM, and other security tools to set up defenses against attacks it detects.
Honeypots — basically lures posing as machines that let organizations gather intelligence and study the behaviors of attackers — long have been a popular and valuable tool for security researchers. There are plenty of open-source honeypot tools available today, but the high maintenance and complexity of deploying and running these lures have made them unrealistic security options for most businesses.
Today’s post pic is from CarbonGames.com.