A read-only honeypot that gets pwned easily.
I use it to track automated behaviours, harvest common requests and detect patterns.
Once an user has given me enough data, he wins a permanent IP ban.
I won't be updating this project, I just wanted to open-source it.
It sould not be valuable anyway, so .... who cares? :D
- Read only database using SQLite
- Detects wrong amount of lines or strange values, thanks to Reproducible Builds™
- Uses Docker! Uses Node.js! Uses SQLite! Doesn't use Bitcoin yet :cry:
$ docker run --rm --name my-honeysql -d -p 127.0.0.1:9000:8080 punkeel/honeysql
This exposes an HTTP server on your local address, port 9000. Feel free to redirect requests to it :-)
To follow the logs in real-time:
$ docker logs -f my-honeysql npm info it worked if it ends with ok npm info using email@example.com npm info using firstname.lastname@example.org npm info lifecycle email@example.com~prestart: firstname.lastname@example.org npm info lifecycle email@example.com~start: firstname.lastname@example.org > email@example.com start /usr/src/app > node index.js Unexpected rows.length:20, expected 1 with id=<1 or id<20> from ::ffff:10.8.0.4 Unexpected rows.length:1000, expected 1 with id=<1 or 1> from ::ffff:10.8.0.4 ...
To stop it: (you shouldn't, really. HoneySQL is great for your health.)
$ rm -rf /
If the latter command did not work, try this one:
$ docker stop my-honeysql