HoneyDB Agent

The HoneyDB Agent is a low-to-medium interaction honeypot for security purposes, that supports emulation of common TCP and UDP network services. The HoneyDB Agent can be configured to send captured honeypot data to the HoneyDB web site - a community-driven honeypot data collection and aggregation security service. Using the HoneyDB Threat Info RESTful API, you can download your honeypot data and/or all community contributed honeypot data to help defend your applications and network. Common network service emulation includes FTP, Telnet, SSH, DNS, MySQL, and more. Learn more about the HoneyDB Agent at https://honeydb-agent-docs.readthedocs.io/en/latest/. Learn more about the HoneyDB API at https://riskdiscovery.com/honeydb/threats.

HoneyDB Agent on DigitalOcean demo agent

Software Included

Package Version License
honeydb-agent latest Custom

Creating an App using the Control Panel

Click the Deploy to DigitalOcean button to create a Droplet based on this 1-Click App. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.

Deploy to DO

Creating an App using the API

In addition to creating a Droplet from the HoneyDB Agent 1-Click App using the control panel, you can also use the DigitalOcean API. As an example, to create a 4GB HoneyDB Agent Droplet in the SFO2 region, you can use the following curl command. You need to either save your API access token) to an environment variable or substitute it in the command below.

curl -X POST -H 'Content-Type: application/json' \
         -H 'Authorization: Bearer '$TOKEN'' -d \
        '{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image": "honeydbagent-9"}' \

Getting Started After Deploying HoneyDB Agent

After you create a HoneyDB Agent One-Click Droplet, the HoneyDB Agent (honeydb-agent) will be installed. The next step is to SSH into the Droplet to configure and start the honeydb-agent service. The first time you SSH into the Droplet you will be prompted to configure honeydb-agent by entering your agent keys. Agent keys can be generated and retrieved by creating a free account at HoneyDB.io. Once you’ve entered the agent keys into the prompt the honeydb-agent service will start.

For more information on agent configuration, visit HoneyDB Agent Docs.

Note: You can continue to use port 22 (SSH) to access the Droplet. However, if you want to make port 22 (SSH) a honeypot service you’ll need to configure your SSH service to listen on a different port and then configure honeydb-agent to listen on port 22 (by default honeydb-agent uses port 2222 to emulate SSH).