This role installs and configures Honeyd.
The original HoneyD version was last updated in 2008. Later, DataSoft maintained the project until 2013. This is the latest version known (at least to me). This version works well even today and through updating the fingrerprints it can still do the trick. Look here for more information.
It will download honeyd from DataSoft and compile it. Optionally, the scripts from the original honeyd can be placed in /usr/share/honeyd
alongside the ones from DataSoft. Some of the latter ones have dependencies on Nova and my personal experience was not the best when trying to use them. Configuration files and database files are placed in /etc/honeyd
. It will also create a systemd service to start/stop honeyd (service file is placed in /etc/systemd/system
).
None.
Taken directly from defaults/main.yml:
honeyd_enabled: yes
# Turns off the role completely
honeyd_repo: 'https://codeload.github.com/DataSoft/Honeyd/zip/master'
# Where honeyd will be downloaded from
honeyd_provos_repo: 'https://codeload.github.com/provos/honeyd/zip/master'
# For the original service scripts
honeyd_provos_scripts: yes
# Enables installing original service scripts
honeyd_user: nobody
# The user honeyd will run as
honeyd_group: nogroup
# The group honeyd will run as
honeyd_interface: ens4
# The interface honeyd will listen on
honeyd_network: 10.0.0.0/8
# Packets destined to this subnet will be captured by honeyd
honeyd_use_current_nmap_os_db: yes
# Update the OS db
honeyd_use_current_nmap_mac_prefixes: yes
# Update MAC prefixes
honeyd_os_db_url: https://raw.githubusercontent.com/nmap/nmap/master/nmap-os-db
# Where to download a current nmap-os-db file from
honeyd_mac_prefixes_url: https://raw.githubusercontent.com/nmap/nmap/master/nmap-mac-prefixes
# Where to download a current nmap-mac-prefixes file from
honeyd_force_db_update_check: no
# If yes, it will cause ansible to check for updates in the OS/MAC databases
honeyd_packet_log: yes
# Enables packet logging
honeyd_service_log: yes
# Enables service logging
honeyd_dhcp_log: yes
# Enables DHCP logging
honeyd_custom_scripts: []
honeyd_split_config: yes
# Split configuration into one file per defined honeypot
honeyd_use_config: ''
# A local file to upload and integrate with the rest of the configuration
# Example of how honeypots are defined. All the supported options are shown.
honeyd_honeypots:
routerone:
personality: Cisco 2811 router (IOS 15.1)
tcp:
default: reset
23: script=original/router-telnet.pl
bind: 10.100.0.1
# manufacturer: cisco
# dhcp: eth0
netbsd:
personality: Linux 2.6.27 (Ubuntu 8.10)
tcp:
default: reset
22: proxy=\$ipsrc:22
80: script=original/web.sh
22022: script=linux/ssh.sh
bind: 10.100.0.134
GPLv3