Updated on September 9, 2020 at 12:23 am
MHN is an open source project from ThreatStream that aims to simplify the deployment of honeypot software.
I have deployed one server in the cloud so far with zero fuss. And it also has a nice browser dashboard to view attacks and to deploy different types of honeypot software.
They support several differnt flavors at the moment; Snort, Suricata, Kippo, Glastopf and others.
I’m deploying Kippo first which is a SSH honeypot because it’s simple and straightforward to get running for testing purposes.
By the way, the different honeypots can be deployed easily on the server by running a single command provided in the MHN dashboard.
They seem to have done a great job simplifying the whole deployment process which is seriously cool and may increase the use of honeypots.
MHN also integrates with Splunk and Arcsight.
I’ll be posting some results as I bring up some more VMs in various locations around the world.