Conpot is a low interactive server side Industrial Control Systems (ICS) honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems.

For more info, you can refer at here

First, edit your apt list file and insert this line below:

nano /etc/apt/sources.list
deb http://us.archive.ubuntu.com/ubuntu precise main multiverse

After that, update your OS:

sudo apt-get update

Then, install required dependencies:

sudo apt-get install libsmi2ldbl snmp-mibs-downloader python-dev libevent-dev libxslt1-dev libxml2-dev sqlite sqlite3 git

Some of dependencies need to be install via pip:

pip install --upgrade gevent pysnmp lxml bottle jinja2 beautifulsoup4 requests sphinx libtaxii xlrd crc16
  • Ensure that you have installed python-pip before you run this command.

Install Modbus-tk (to create modbus app easily with Python):

cd /opt
git clone https://github.com/glastopf/modbus-tk.git
cd modbus-tk
python setup.py build
python setup.py install

Install Conpot:

cd /opt
git clone https://github.com/glastopf/conpot.git
cd conpot
python setup.py build
python setup.py install

Finish! Next step is to run the conpot:

$ conpot

Conpot is running on these port:

$ netstat -lnput | grep python
tcp 0 0 0.0.0.0:102 0.0.0.0:* LISTEN 62822/python
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 62822/python
tcp 0 0 0.0.0.0:502 0.0.0.0:* LISTEN 62822/python
udp 0 0 0.0.0.0:161 0.0.0.0:* 62822/python

Do ensure that those port is not occupied or used yet.

By zam

Any Comments?

This site uses Akismet to reduce spam. Learn how your comment data is processed.