Distributed/community honeypot – the Internet Storm Center's DShield Honeypot Project
First, get the current date and time from your host. Any activity that's heavily dependent on logs needs accurate time:
# date Fri 16 Jul 2021 03:00:38 PM EDT
If your date/time is off or isn't configured reliably, you'll want to fix that before you start – this is true of almost any service in any operating system.
Now, change to an installation directory, then download the app using git. If you don't have git, use the standard sudo apt-get install git that we've used throughout this book to get it. Once git is installed, this command will create a dshield directory under the current working directory:
git clone https://github.com/DShield-ISC/dshield.git
Next, run the install script:
cd dshield/bin sudo ./install.sh
Along the way, there will be several input screens. We'll cover some of the key ones here:
- First, we have...
