Honeypots have not achieved wide adoption for cyber defense.
While honeypot software is fairly mature and can provide high quality threat intelligence for organizations, they have never received wide adoption. We think the reason is that honeypots have been too complicated to deploy and manage at scale.
The Modern Honey Network project makes deploying and managing secure honeypots extremely simple.
From the secure deployment to the aggregation of thousands of events MHN provides enteprise grade management of the most current open source honeypot software. MHN is completely free open source software which supports external and internal honeypot deployments at a large and distributed scale. MHN uses the HPFeeds standard and low-interaction honeypots to keep effectiveness and security at enterprise grade levels. MHN provides full REST API out of the box and we are making CEF and STIX support available now for direct SIEM integration through our Commercial platform Optic.
Screen Shots
Watch the video to help get started:
Or get right to the good stuff:
$ cd /opt/
$ git clone https://github.com/threatstream/mhn.git
$ cd mhn/scripts/
$ sudo ./install_hpfeeds.sh
$ sudo ./install_mnemosyne.sh
$ sudo ./install_honeymap.sh
$ sudo ./install_mhnserver.sh
Current supported honeypots
- Snort
- Suricata
- Dionaea
- Conpot
- Kippo
- Amun
- Glastopf
- Wordpot
- ShockPot
- Easily add new ones!
Support or Contact
MHN is an open source project brought to you by the passionate folks at ThreatStream. Please checkout our troubleshooting guide on the wiki. We will also lend a hand if needed, find us at: modern-honey-network@googlegroups.com
Credit and Thanks
MHN leverages and extends upon several awesome projects by the Honeynet project. Please show them your support by way of donation.