It took just 12 seconds - Catching hackers with a honey pot!

Рет қаралды 10,294

Күн бұрын

It took just 12 seconds for a computer I put directly on the Internet to get attacked. Within an hour, the system experienced nearly 17 thousand attacks, and within a 24-hour period, the system logged nearly 263 thousand different attacks. The Internet is a dangerous place, and without a firewall, your computer is at serious risk. I wanted to get hard statistics for what unprotected exposure to the Internet looks like, so after searching for honey pots, I came across T-Pot CE (community edition) and instantly fell in love with it. This video is all about showing you T-Pot, what it can do, and how to set it up!
*GET SOCIAL AND MORE WITH US HERE!*
Get help with your Homelab, ask questions, and chat with us!
🎮 / discord
Subscribe and follow us on all the socials, would ya?
📸 / 2guystek
💻 / 2guystek
Find all things 2GT on our website!
🌍 2guystek.tv/
More of a podcast kinda person? Check out our Podcast here:
🎙️ www.buzzsprout.com/1852562
Support us through the KZfaq Membership program! Becoming a member gets you priority comments, special emojis, and helps us make videos!
😁 www.youtube.com/@2GuysTek/mem...
*TIMESTAMPS!*
0:00 Introduction
0:47 What is a honey pot anyway?
1:25 What is T-Pot CE, and why did I choose it?
2:26 T-Pot Live attack map
2:54 T-Pot Dashboard
3:19 Cowrie SSH & telnet honey pot dashboard in T-pot
4:03 Suricata dashboard in T-pot
5:17 Background on the T-pot project
5:47 What can you run T-Pot CE on?
6:08 Minimum requirements for T-Pot
6:21 Where to find documentation on the honey pots within T-Pot
6:45 What's the catch? This feels too good to be true.
7:12 Where to download T-Pot CE
7:27 A word of caution on where you install T-Pot
7:51 How to build a USB install stick of T-Pot CE
8:28 The host we're using, and its network connection
9:00 How to install T-Pot on stand-alone hardware
12:03 Quick overview of the T-Pot dashboard
13:11 A word about protecting your home network
14:00 Closing! Thanks for watching!

Пікірлер: 25

@NeptuneSega Жыл бұрын

Imagine a world with people that don’t have malicious intentions. 12 seconds is insane!

@2GuysTek Жыл бұрын

Right?!

@RaidOwl Жыл бұрын

This def looks like a better option than covering my body in honey and running around in my front yard...

@2GuysTek Жыл бұрын

Why not both?

@jmoser220 6 ай бұрын

This was a fantastic video. Can't wait to try this out!

@JasonsLabVideos Жыл бұрын

That would be sweet, if i made a Jason's Lab Shirt and you had it on in a video LOL !!! Good video sir !! As always !

@kaspersergej Жыл бұрын

Keep pumping these high quality videos for a couple of years and you'll become an overnight success buddy!

@elg3la Жыл бұрын

This helps a lot. Straight forward and gave a base idea of how the process is for some like me who is dabbing into this as a hobby.

@2GuysTek Жыл бұрын

Awesome! Glad it helped!

@CalvinHenderson Жыл бұрын

Video suggestion: Setting up pi-hole to support multiple vlans (the OS/device has IP’s on iot/guest/home/and such) and responds to the different queries. Another suggestion: Setup a speedtest monitoring solution that includes ping tracking for uptime and IP results ( say ping yahoo and show which IP responds ) and for the speedtest track local as well as cross country test server results.

@scottwilliams2087 3 ай бұрын

Couldn't get it to work. Got it installed but when it loads up it is asking for a user name and password. I also tried to go to the web ip address but it won't let me. Can you clearify the last two steps at the end of 11:53 to 12:14?

@muramusan Жыл бұрын

Damn its crazy how people just try to attack your pc just leave us alone 😂

@2GuysTek Жыл бұрын

RIGHT?!

@user-bp6dx1mm2q 3 ай бұрын

AWS AND MICROSOFT ARE RESPONSIBLE

@md.solaymankabirshahin2544 11 ай бұрын

How can i download the iso file ?

@2GuysTek 11 ай бұрын

It's in the video, but here's the link: github.com/telekom-security/tpotce/releases

@bertnijhof5413 Жыл бұрын

What is the audience you want to catch? If you want to try it, your main problem is not, how to install Debian. If you don't know how to install Debian, stay away from this type of tools. Most user will have a WiFi router with a firewall maintained by the ISP, so you should not catch any hack. In that environment installing the honey pot on Debian is mostly completely useless. For most users the threat is coming from emails, social media or from browsing. The last 10 years I had two hacks, one through the browser and one through the email of an old collegae (who had been hacked), who claimed to send me an email with a photo of the two of us :( :( I'm lucky, I use OpenZFS, so I roll back the system to a time before the hack. Note that the OpenZFS snapshots are read only. I'm waiting impatiently on a true immutable system, like the one announced by Ubuntu for 24.04. I don't like systems with two instances, where only one of the two, the current instance is immutable. I prefer the rollback of OpenZFS, no hassle during normal operation :)

@JustinJ. Жыл бұрын

VanillaOS is an immutable Linux distribution based off of Ubuntu

@2GuysTek Жыл бұрын

If there's anything to take away from this for people who aren't running a home lab, don't have access to multiple public IP addresses, or run their own firewall, is that the Internet is a dangerous place. Here in the US, almost all ISPs will allow you to use your own router, so it's very important that people keep up on security patches and firmware updates for those devices, and the instant the vendor doesn't support that model any longer, it's time to consider a replacement.

@bertnijhof5413 Жыл бұрын

@@JustinJ. Vanilla OS is moving from Ubuntu to Debian. I used it for a couple of weeks in a VBox VM, but I did not really like it. Its behavior is too complex for a normal user and it did not support snaps :)

@bertnijhof5413 Жыл бұрын

@@2GuysTek Except for some very experienced users, in general the ISP engineers will do a better job than most users. So avoid own wifi routers, unless it is a secondary wifi router to cover e.g the back of the house. My PCs are connected to the secondary router and I changed user and password, installed the latest firmware, closed it for inbound traffic and blocked all admin access from MAC addresses other than those of my laptop and desktop :)

@pablitocodes 3 ай бұрын

Best ad.