Skip to content

A simple, low-interaction FTP honeypot server in Python for easy network traffic monitoring

License

Notifications You must be signed in to change notification settings

0xNslabs/ftp-honeypot

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Simple FTP Honeypot Server

Introduction

The Simple FTP Honeypot Server is a lightweight script designed for cybersecurity practitioners looking to enhance network security. Crafted in Python with the Twisted library, this script establishes a low-interaction File Transfer Protocol (FTP) server, acting as a honeypot to log FTP access attempts and identify unauthorized activity.

Features

  • Low-Interaction Honeypot: Simulates an FTP service to safely capture and log access attempts.
  • Customizable Server Configuration: Command-line arguments allow for easy adjustment of the host and port.
  • Detailed Logging: Records every command sent to the FTP server, aiding in security analysis.
  • Real-time Interaction: Offers real-time engagement with clients, capturing credentials and commands.
  • Educational and Research Tool: Ideal for studying FTP-based attack patterns and for educational purposes.

Requirements

  • Python 3.x
  • Twisted Python library

Installation

To get started with the FTP honeypot server, follow these steps:

git clone https://github.com/0xNslabs/ftp-honeypot.git
cd ftp-honeypot
pip install twisted

Usage

Run the script using the following command with optional arguments for host and port. It defaults to 0.0.0.0 (all interfaces) and port 2121.

python3 sip.py --host 0.0.0.0 --port 2121

Logging

The FTP interactions are recorded in ftp_honeypot.log, which includes details about every login attempt and command issued to the server.

Simple FTP Honeypot In Action

Simple FTP Honeypot in Action The above image showcases the Simple FTP Honeypot server capturing login attempts.

Other Simple Honeypot Services

Check out the other honeypot services for monitoring various network protocols:

Security and Compliance

  • Caution: As a honeypot, this server should be deployed in a controlled environment.
  • Compliance: Ensure compliance with all applicable local and international laws when deploying the honeypot.

License

This project is distributed under the MIT License. See LICENSE for more information.