Running the latest T-Pot as a vetted SISSDEN user? You can now contribute your data to SISSDEN!
For the last couple of years, T-Pot, the Docker-based open source honeypot platform developed by our partner Deutsche Telekom (DTAG), has evolved into one of the most successful honeypot platforms, not only due to its simple setup and low maintenance, but also because of the nice dashboards and investigation tools.
Setting up multiple honeypots, maintaining installations over time and eventually analyzing the captured data has always required expert knowledge, which made entry into the honeypot business quite challenging. Since 2015, when Deutsche Telekom introduced their honeypot platform T-Pot, the effort required to set up, run and maintain a multi-honeypot system has decreased significantly. Now everyone running a Debian-based virtual machine can transform their machine into a fully-fledged collection and analysis machine. The install on a blank system is as easy as installing Debian. Everything is automated to the maximum.
T-Pot offers numerous honeypot daemons running in parallel and reroutes the traffic captured on the network interface to the most suitable open source honeypots available. The data is processed and stored in a local ELK stack.