Recipe For Building a Cheap Raspberry Pi Honeypot Network
mask.of.sanity (1228908) writes "Honeypots are the perfect bait for corporate IT shops to detect hackers targeting and already within their networks and now a guide has been published to build a dirt cheap battalion of the devices from Raspberry Pis. "By running honeypots on our internal network, we are able to detect anomalous events. We gain awareness and insight into our network when network hosts interact with a Raspberry Pi honeypot sensor," the author explained."
I don't get the hype (Score:5, Insightful)
VMs are the way here (Score:4, Insightful)
Why not buy a cheap couple of hundred dollar PC and run as many VMs as could possibly fit? Install a really old Linux distribution (or early Windows) and the resource use is small. Many honey pots with less maintenance...
Re:We need a Pi category so I can ignore it (Score:5, Insightful)
That, and Elon Musk are the two most masturbatory topics on Slashdot these days.
From what I've seen though, there are a lot of slashdotters who have a deep-seated need to bitch about something.
Must be 75 percent of the posts are crying about "'Nuthre rsby pie rtickle!"
There are options for us:
1. Don't read the article. This works surprisingly well for people not in the Fox News self-validation mode. The title usually lets us know what the subject is.
2. Submit your own stories. You people who know what people really want to read should be able to submit articles that people really want to read.
Re: I don't get the hype (Score:2, Insightful)
That may be true if everything is on a small number of networks, but the Raspberry Pi is nice as I could put them in wiring closets all over. Right now we have net flow data for any traffic between buildings, but we don't see all traffic within a building. This could let us have a honeypot in each building to get a heads up about issues.
Right now bringing each network into our data center is impractical. As it is, our virtual environment is at the maximum number of VLANs it can handle, so the best use of resources is to upgrade it. While we are doing that, security could use these as sensors on some of the more sensitive networks or where we suspect there are issues from other (possibly nonactionable) data.