Sold by: Leading Security Limited
Deployed on AWS
AWS Free Tier
This product has charges associated with it for support and maintenance. Elevate your AWS security with our AdvancedSTIG-Hardened Honeypot AMI, employing cowrie and dionaea to simulate vulnerable services for threat detection and analysis.
Overview
This is a repackaged open source software product wherein additional charges apply for support and maintenance by Leading Security.
The Leading Security Honeypot AMI is a lightweight, STIG hardened AMI built on top of a base Ubuntu 20 or Ubuntu 22 image. It consists of a set of services designed to emulate other services to be able to track and monitor potential malicious activities in a network where such threats need to be made visible.
The following services are currently deployed within the Honeypot AMI with a list of the services they are also emulating as well:
SSH Telnet FTP HTTP MySQL Memcache SAMBA/SMB TFTP UPNPFeatures:
- Lightweight - Our repackaged solution is designed to be portable and work across a multitude of setups with minimal requirements.
- Easy to install and maintain - Simply deploy the AMI to an EC2 instance and the Honeypot services start quickly and easily without any manual interventions.
- Built in log shipping - Support out of the box to ship the Honeypot logs to a remote destination of your choosing.
Disclaimer: This Virtual machine offer contains free and open source software. All the software, trademarks used in the Virtual machine offer are the exclusive property of their respective owners.
Highlights
- Comprehensive Service Simulation - Covers SSH, Telnet, FTP, HTTP, MySQL, Memcache, SAMBA/SMB, TFTP, UPNP to lure a wide array of threats
- Seamless AWS Integration - Designed for easy deployment on AWS EC2, ensuring a fortified security posture with minimal setup.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Ubuntu 22.04
Deployed on AWS
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
t3.small Recommended | $0.04 |
t3.micro AWS Free Tier | $0.04 |
t3a.medium | $0.04 |
t3.2xlarge | $0.04 |
t3.medium | $0.04 |
t3a.2xlarge | $0.04 |
t3a.xlarge | $0.04 |
t3a.large | $0.04 |
t3.large | $0.04 |
t3.xlarge | $0.04 |
Vendor refund policy
Our refund policy is straightforward: All sales of our product are final, and no refunds will be issued. We encourage our customers to review the product description and specifications carefully before making a purchase to ensure it meets their requirements and expectations. This policy is in place to maintain the integrity and value of our software and services. For more detailed information or inquiries, please contact our customer support team.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Initial Release of 1.0 image:
Stig Hardened Ubuntu 20.04 and 22.04 images Docker-based Cowrie and Dionaea Services Full SSH emulation Rsyslog Ready
Additional details
Usage instructions
To run and deploy the Honeypot AMI, we recommend choosing to deploy this into a VPC where a majority of your internet facing traffic comes from or a network you have identified as being critical and vulnerable. This will enable you to catch bad actors and attackers coming into your networks and give you the information to allow you to block and protect yourself from these types of attacks.
To SSH into the instance, you will need to open port 52222 on the security group to a CIDR range of your choosing and associate a key-pair at launch. You will then be able to ssh in using the ubuntu user as follows:
ssh -i <key_pair.pem> -p 52222 ubuntu@<ip_addresss_of_instance>
If you would like to setup Rsyslog forwarding of logs, please include the following in your instance UserData:
#!/bin/bash RSYSLOG_ADDRESS=34.241.180.139 RSYSLOG_PORT=50000 sed -i 's/<RSYSLOGADDRESS>/'"${RSYSLOG_ADDRESS}"'/g' /etc/rsyslog.conf sed -i 's/<RSYSLOGPORT>/'"${RSYSLOG_PORT}"'/g' /etc/rsyslog.conf sleep 60 sudo systemctl enable rsyslog sudo systemctl restart rsyslog
Resources
Vendor resources
Support
Vendor support
Leading Security provides support for our Honeypot AMI, including detailed documentation, technical support via issue tracking on Github, and regular updates to keep your defenses strong against evolving threats. For support contact us by email at contact@leadingsecurity.co.uk
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
No customer reviews yet
Be the first to write a review for this product.