1 Dionaea background
The purpose of the Dionaea design is primarily to capture samples of malware, which is used to trap malicious software by simulating a vulnerable service in the network. Dionaea as a replacement for Nepenthes by using LIBEMU to detect shellcodes. Currently analog support network services include:
SMB Listener 445 Port supports file uploads, the main purpose of attracting worms (services/smb.yaml) FTP listening 21 port support to create directories, upload and download files (services /Ftp.yaml) TFTP Monitor 69 port supports UDP connection request (Services/Tftp.yaml) epmap (Services/ EPMAP.YAML) UPnP
Https://github.com/DinoTools/dionaea
Reference
1 HTTPS://Github.com/rep/dionaea2 http://dionaea.readthedocs.org/ 3 Dionaea Low Interactive honeypot deployment detailed http://drops.wooyun.org/tips/640
Honeypot Series 2 Dionaea