Introduction
In this lab, you will learn how to deploy Cowrie, a medium-interaction SSH honeypot that captures and analyzes attacker behavior. You'll set up Cowrie in a Python virtual environment and configure it to mimic a real SSH service while enabling comprehensive logging.
Through this hands-on exercise, you'll test the honeypot by simulating attacks and analyzing the generated logs. This practical experience will help you understand how honeypots function as cybersecurity tools for threat detection and analysis.
Skills Graph
%%%%{init: {'theme':'neutral'}}%%%%
flowchart RL
wireshark(("Wireshark")) -.-> wireshark/WiresharkGroup(["Wireshark"])
hydra(("Hydra")) -.-> hydra/HydraGroup(["Hydra"])
wireshark/WiresharkGroup -.-> wireshark/protocol_dissection("Protocol Dissection")
wireshark/WiresharkGroup -.-> wireshark/packet_analysis("Packet Analysis")
hydra/HydraGroup -.-> hydra/installation("Installation and Setup")
subgraph Lab Skills
wireshark/protocol_dissection -.-> lab-549933{{"Deploy a Honeypot in Cowrie"}}
wireshark/packet_analysis -.-> lab-549933{{"Deploy a Honeypot in Cowrie"}}
hydra/installation -.-> lab-549933{{"Deploy a Honeypot in Cowrie"}}
end