Skip to main content

Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems

Project description

Conpot

Build Status Code Health Python Version PyPI version Docs Coverage Status

About

Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems

Documentation

The build of the documentations source can be found here. There you will also find the instructions on how to install conpot and the FAQ.

Easy install using Docker

Via a pre-built image

  1. Install Docker
  2. Run docker pull honeynet/conpot
  3. Run docker run -it -p 80:80 -p 102:102 -p 502:502 -p 161:161/udp --network=bridge honeynet/conpot:latest /bin/sh
  4. Finally run conpot -f --template default

Navigate to http://MY_IP_ADDRESS to confirm the setup.

Build docker image from source

  1. Install Docker
  2. Clone this repo with git clone https://github.com/mushorg/conpot.git and cd conpot
  3. Run docker build -t conpot .
  4. Run docker run -it -p 80:80 -p 102:102 -p 502:502 -p 161:161/udp --network=bridge conpot

Navigate to http://MY_IP_ADDRESS to confirm the setup.

Build from source and run with docker-compose

  1. Install docker-compose
  2. Clone this repo with git clone https://github.com/mushorg/conpot.git and cd conpot
  3. Build the image with docker-compose build
  4. Test if everything is running correctly with docker-compose up
  5. Permanently run as a daemon with docker-compose up -d

Sample output

::

# conpot --template default  
                     _                                                                                                    
 ___ ___ ___ ___ ___| |_                                                                                                
|  _| . |   | . | . |  _|                                                                                               
|___|___|_|_|  _|___|_|                                                                                                 
            |_|                                                                                                         

Version 0.6.0                                                                                                           
MushMush Foundation                                                                                                     

2018-08-09 19:13:15,085 Initializing Virtual File System at ConpotTempFS/__conpot__ootc_k3j. Source specified : tar://conpot-0.6.0-py3.6/conpot/data.tar
2018-08-09 19:13:15,100 Please wait while the system copies all specified files
2018-08-09 19:13:15,172 Fetched x.x.x.x as external ip.
2018-08-09 19:13:15,175 Found and enabled ('modbus', <conpot.protocols.modbus.modbus_server.ModbusServer object at 0x7f1af52231d0>) protocol.
2018-08-09 19:13:15,177 Found and enabled ('s7comm', <conpot.protocols.s7comm.s7_server.S7Server object at 0x7f1af5ad1f60>) protocol.
2018-08-09 19:13:15,178 Found and enabled ('http', <conpot.protocols.http.web_server.HTTPServer object at 0x7f1af4fc2630>) protocol.
2018-08-09 19:13:15,179 Found and enabled ('snmp', <conpot.protocols.snmp.snmp_server.SNMPServer object at 0x7f1af4fc2710>) protocol.
2018-08-09 19:13:15,181 Found and enabled ('bacnet', <conpot.protocols.bacnet.bacnet_server.BacnetServer object at 0x7f1af4fc22e8>) protocol.
2018-08-09 19:13:15,182 Found and enabled ('ipmi', <conpot.protocols.ipmi.ipmi_server.IpmiServer object at 0x7f1af5aaa1d0>) protocol.
2018-08-09 19:13:15,185 Found and enabled ('enip', <conpot.protocols.enip.enip_server.EnipServer object at 0x7f1af5aaa0f0>) protocol.
2018-08-09 19:13:15,199 Found and enabled ('ftp', <conpot.protocols.ftp.ftp_server.FTPServer object at 0x7f1af4fcec18>) protocol.
2018-08-09 19:13:15,206 Found and enabled ('tftp', <conpot.protocols.tftp.tftp_server.TftpServer object at 0x7f1af4fcef28$) protocol.
2018-08-09 19:13:15,206 No proxy template found. Service will remain unconfigured/stopped.                                
2018-08-09 19:13:15,206 Modbus server started on: ('0.0.0.0', 5020)                                                       
2018-08-09 19:13:15,206 S7Comm server started on: ('0.0.0.0', 10201)                                                      
2018-08-09 19:13:15,207 HTTP server started on: ('0.0.0.0', 8800)                                                         
2018-08-09 19:13:15,402 SNMP server started on: ('0.0.0.0', 16100)                                                        
2018-08-09 19:13:15,403 Bacnet server started on: ('0.0.0.0', 47808)                                                      
2018-08-09 19:13:15,403 IPMI server started on: ('0.0.0.0', 6230)                                                         
2018-08-09 19:13:15,403 handle server PID [23183] running on ('0.0.0.0', 44818)                                           
2018-08-09 19:13:15,404 handle server PID [23183] responding to external done/disable signal in object 139753672309064
2018-08-09 19:13:15,404 FTP server started on: ('0.0.0.0', 2121)                                                          
2018-08-09 19:13:15,404 Starting TFTP server at ('0.0.0.0', 6969)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

conpot-0.6.0.tar.gz (200.5 kB view details)

Uploaded Source

Built Distribution

conpot-0.6.0-py3-none-any.whl (293.9 kB view details)

Uploaded Python 3

File details

Details for the file conpot-0.6.0.tar.gz.

File metadata

  • Download URL: conpot-0.6.0.tar.gz
  • Upload date:
  • Size: 200.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.19.1 setuptools/40.0.0 requests-toolbelt/0.8.0 tqdm/4.24.0 CPython/2.7.15rc1

File hashes

Hashes for conpot-0.6.0.tar.gz
Algorithm Hash digest
SHA256 adddee0e857b0626106e16477aff5b7f3e88795b407d1a84258171485846c9fd
MD5 7478641f61e0ecb33c20fc3eaa733632
BLAKE2b-256 faaa65290b85fc8d998a56ced37fa89b03e00361ab62b0843aa67696ddb9fe2f

See more details on using hashes here.

File details

Details for the file conpot-0.6.0-py3-none-any.whl.

File metadata

  • Download URL: conpot-0.6.0-py3-none-any.whl
  • Upload date:
  • Size: 293.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.19.1 setuptools/40.0.0 requests-toolbelt/0.8.0 tqdm/4.24.0 CPython/2.7.15rc1

File hashes

Hashes for conpot-0.6.0-py3-none-any.whl
Algorithm Hash digest
SHA256 553f107a2723cfeb67ac8b39c7387e3c87b134323bceed33b00eea3a9121f224
MD5 b31e513d4917f123f72dfd1fb1a95697
BLAKE2b-256 0c64a92eb741a7489320d8df2c66398e6ddf13939af651a45ac2a87137c48fb7

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page