Thanks to visit codestin.com
Credit goes to github.com

Skip to content

cowrie/honeyd

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

459 Commits
.beads
.beads
 
 
.github/workflows
.github/workflows
 
 
cmake
cmake
 
 
compat
compat
 
 
debian
debian
 
 
doc
doc
 
 
os-test
os-test
 
 
pypcap
pypcap
 
 
regress
regress
 
 
sample-config
sample-config
 
 
scripts
scripts
 
 
subsystems
subsystems
 
 
tests/smoke
tests/smoke
 
 
webserver
webserver
 
 
.clang-tidy
.clang-tidy
 
 
.gitignore
.gitignore
 
 
CLAUDE.md
CLAUDE.md
 
 
CMakeLists.txt
CMakeLists.txt
 
 
ChangeLog
ChangeLog
 
 
LICENSE
LICENSE
 
 
README
README
 
 
TODO
TODO
 
 
analyze.c
analyze.c
 
 
analyze.h
analyze.h
 
 
arp.c
arp.c
 
 
arp.h
arp.h
 
 
atomicio.c
atomicio.c
 
 
atomicio.h
atomicio.h
 
 
command.c
command.c
 
 
condition.c
condition.c
 
 
condition.h
condition.h
 
 
config.c
config.c
 
 
config.cowrie
config.cowrie
 
 
config.ethernet
config.ethernet
 
 
config.h.in
config.h.in
 
 
config.sample
config.sample
 
 
daemon.c
daemon.c
 
 
debug.h
debug.h
 
 
dhcpclient.c
dhcpclient.c
 
 
dhcpclient.h
dhcpclient.h
 
 
err.c
err.c
 
 
ethernet.c
ethernet.c
 
 
ethernet.h
ethernet.h
 
 
fdpass.c
fdpass.c
 
 
fdpass.h
fdpass.h
 
 
filter.c
filter.c
 
 
filter.h
filter.h
 
 
generateDebs
generateDebs
 
 
generate_assoc.py
generate_assoc.py
 
 
getopt_long.c
getopt_long.c
 
 
gre.c
gre.c
 
 
gre.h
gre.h
 
 
histogram.c
histogram.c
 
 
histogram.h
histogram.h
 
 
honeyd.8
honeyd.8
 
 
honeyd.c
honeyd.c
 
 
honeyd.h
honeyd.h
 
 
honeyd_overload.c
honeyd_overload.c
 
 
honeyd_overload.h
honeyd_overload.h
 
 
honeydctl.1
honeydctl.1
 
 
honeydctl.c
honeydctl.c
 
 
honeydstats.c
honeydstats.c
 
 
honeydstats.h
honeydstats.h
 
 
honeydstats_main.c
honeydstats_main.c
 
 
hooks.c
hooks.c
 
 
hooks.h
hooks.h
 
 
hsniff.c
hsniff.c
 
 
hsniff.h
hsniff.h
 
 
interface.c
interface.c
 
 
interface.h
interface.h
 
 
ipfrag.c
ipfrag.c
 
 
ipfrag.h
ipfrag.h
 
 
keycount.c
keycount.c
 
 
keycount.h
keycount.h
 
 
lex.l
lex.l
 
 
log.c
log.c
 
 
log.h
log.h
 
 
network.c
network.c
 
 
network.h
network.h
 
 
nmap-mac-prefixes
nmap-mac-prefixes
 
 
nmap-os-db
nmap-os-db
 
 
nmap.assoc
nmap.assoc
 
 
osfp.c
osfp.c
 
 
osfp.h
osfp.h
 
 
parse.y
parse.y
 
 
parser.h
parser.h
 
 
personality.c
personality.c
 
 
personality.h
personality.h
 
 
pf.os
pf.os
 
 
pf_osfp.c
pf_osfp.c
 
 
pfctl_osfp.c
pfctl_osfp.c
 
 
pfvar.h
pfvar.h
 
 
plugins.c
plugins.c
 
 
plugins.h
plugins.h
 
 
plugins_config.c
plugins_config.c
 
 
plugins_config.h
plugins_config.h
 
 
pool.c
pool.c
 
 
pool.h
pool.h
 
 
pydatahoneyd.c
pydatahoneyd.c
 
 
pydatahoneyd.h
pydatahoneyd.h
 
 

Repository files navigation

Honeyd
Copyright (c) 2002-2007 Niels Provos <[email protected]>
Copyright (c) 2007-2013 DataSoft Corporation
Copyright (c) 2025 Michel Oosterhof <[email protected]>
-------------------------------------------------------------------------

About Honeyd:
-------------

Honeyd is a small daemon that creates virtual hosts on a network.  The
hosts can be configured to run arbitrary services, and their TCP
personality can be adapted so that they appear to be running certain
versions of operating systems.  Honeyd enables a single host to claim
multiple addresses - I have tested up to 65536 - on a LAN for network
simulation.

It is possible to ping the virtual machines, or to traceroute them.
Any type of service on the virtual machine can be simulated according
to a simple configuration file.  Instead of simulating a service, it
is also possible to proxy it to another machine.

Installation:
-------------

Honeyd depends on several libraries:

 - libevent  - event notification
 - libdnet   - packet creation (libdumbnet on Debian)
 - libpcap   - packet sniffing
 - libreadline - command line editing
 - zlib      - compression

To install dependencies on Debian/Ubuntu:

$ sudo apt-get install cmake libevent-dev libdumbnet-dev libpcap-dev \
    libreadline-dev zlib1g-dev flex bison

To build honeyd using CMake:

$ mkdir build && cd build
$ cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo
$ make
$ sudo make install

Documentation:
--------------

You can find documentation as part of this release.  The manual
page can be accessed with the following commands:

$ man honeyd

or in the source directory

$ nroff -mdoc honeyd.8

More information can be found at http://www.honeyd.org/ and https://github.com/cowrie/honeyd

Running:
--------

Honeyd requires root-privileges for execution.  Normally, you run it
with arguments similar to the following:

$ sudo honeyd -d -f config.sample 10.0.0.0/8

It is strongly recommended that you run Honeyd in a chroot environment
or with reduced privileges.  Honeyd drops privileges after creating
its raw sockets if you specify a user with -u <uid> and -g <gid> flags.

Testing
-------

To empirically verify the quality of OS scan results, a bash script named
ostest is included. There are a few "gotcha"s with this, however. Normally,
honeyd ignores packets coming from the same machine that it's running on
so as to avoid routing loops.

An ugly hack to make this work is to use a separate hardware ethernet
interface such as a cheap usb-ethernet adapter. You then have two eth adapters,
call them eth0 and eth1. Set up a route so that the IP address given to
ostest is routing to eth0. You then set up honeyd to listen on eth1.

Honeyd will see packets coming from eth0 and assume that it is a different
machine than ours, and not drop them.

License:
--------

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

Acknowledgments:
----------------

The following people have helped with suggestions, ideas or code:

  Dug Song <[email protected]>
  Jamie Van Randwyk <[email protected]>
  Eric Thomas <[email protected]>
  Christopher Kolina
  Derek Cotton
  Yuqing Mai
  Lance Spitzner <[email protected]>
  Christian Kreibich <[email protected]>
  Bill Cheswick <[email protected]>
  Lauren Oudot <[email protected]>
  Jon Oberheide <[email protected]>
  David Clark <[email protected]>
  Dan Petro <[email protected]>
  David Scott <[email protected]>
  Addison Waldow <[email protected]>
  Rami Rashid <[email protected]>

About

honeyd

Resources

Readme

License

GPL-2.0 license
Activity
Custom properties

Stars

4 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases

2 tags

Packages

 
 
 

Contributors

Languages