Raspberry Pi honeypot helps you to improve your networks security

Network administrators typically use firewalls to monitor and control inbound and outbound traffic, but what about internal network traffic? Because of the amount of internal traffic, especially in corporate networks, this can be a daunting job. However, tools are available to help you and, what's more, they don't have to cost a lot.

One technique is to add one or more so-called honeypots to the network. A cheap Raspberry Pi can play the role of honeypot and at about £16 a piece you can have several of them on your network.

In computer security lingo a honeypot is a fake network resource intended to attract intruders. The aim of this lure is make the intruder believe that he/she can take control of a real network resource or that he/she has access to valuable information. The network administrator however closely monitors the activity on the honeypot in order to observe how attackers operate. This, in turn enables the administrator to secure the network against new attacks. A honeypot is similar to the police baiting a criminal and then conducting undercover surveillance.

Using a Raspberry Pi as a honeypot is interesting because it consumes only a small amount of power, it doesn't take up a lot of space and – not unimportant – the Pi is very inexpensive. Another advantage is that it runs Linux, which gives the user access to lots of open source network and computing security packages like Dionaea. The goal of Dionaea is to trap malware exploiting vulnerabilities exposed by services offered to a network. The ultimate goal is to obtain a copy of the malware.

By deploying Dionaea via the honeypot management system Modern Honey Network (MHN) it becomes possible to set up honeypots quickly by executing a bunch of simple commands. Unfortunately in real life – and especially in open source Linux projects – simple commands often turn out to be quite complicated, which is why Nathan Yee created a very detailed tutorial on how to setup your own Raspberry Pi honeypot. Even Linux guru’s and experienced network administrators will have to admit that it saved them time.