OpenCanary?

sremick

sremick

I was just wondering if there was anyone working on adding OpenCanary to ports?

I don't see it in the ports collection (nor any honeypot software for that matter). I did see a brief mention in the changelogs from a while back:
Code: 
v0.8.0

This version supports python3+

Changes include

    Drop support for python2
    Improvements to setup.py to better support FreeBSD porting efforts
    Updates to Github Actions to address deprecation warnings
 
Besides porting ... do you intend to use this ("or any other honeypot software") to "improve security"? Because if so, my recommendation would be: Don't.

Yes, I know you'll find a lot of material recommending to "get alerted of attacks" with such a software. But a honeypot is NOT an IDS, to the contrary. A honeypot draws attention (at least if it's not too obvious), and that's most likely the exact opposite of what you want. Where it makes sense is research. It can be used to help analyze attack patterns and methods in the wild.

Of course if that's what you intend to do, well, you should do it on a different machine anyways, so maybe it could just as well run Linux then?

BTW, nothing against porting some honeypot software in general, it's just a (probably opinionated) warning.
 
I totally understand the nuances, but thanks. It wouldn't be taking the place of any of those other things.

I was actually thinking of running it in a VM. I can certainly just punt and use Linux, but I have a preference for FreeBSD and though maybe being less-common, having a FreeBSD base might make the core level more secure.
 
You must log in or register to reply here.
Back
Top