SoHo Honeypot Update

I thought we were well overdue for a status update on the Linksys honeypot project so here it is.

Project Goal:

Create custom firmware for cheap consumer router to give them honeypot/honeynet capabilities.

Sub projects:

Re-direction of “dropped” packets

• Status: Planning stage
• Details: At the first look it’s the easiest thing to do, but routing, VPN and TTL issues are not yet solved.

Low-interactive honeypot capabilities

• Status: Ready for testing. Nepenthes has been added to the OpenWRT firmware.
• Outstanding: honeyd support

Extend firmware to offer the same or more/better capabilities as the stock firmware

• Status: In progress
• Outstanding: Web interface, documentation

The project was stalled for a while due to time constraints (work & real life commitments) and the fact that OpenWRT, which is base for the project, has gone through a major re-design overhaul since last year. The new build system is much easier to modify and maintain.

Availability:

Pre-compiled binaries are available upon request. Build instructions are currently being documented.

Current project members:

• Michael Boman (project leader)
• Rick Zhong
• Meder Kydyraliev
• Anton Bolshakov
• Johan Johari