Skip to content

Automatic Access

Jump to bottom
Toby Lin edited this page Apr 20, 2022 · 9 revisions

Automatic Access

What does it do?

  • MITM compromises a honeypot by placing the credentials (username and password) used by the attacker's login attempt onto the container.

  • Important Note: The container makes the ultimate decision. The container's /etc/ssh/sshd_config file has the ability to deny login credentials even though they may be valid (e.g. DenyUsers root or PermitRootLogin no)

  • Compromise of the honeypot will only occur once per MITM instance.

    • Instance is defined as each executable run and thus must kill the MITM and restart it to re-enable automatic access.

What are the options?

Normal Distribution

  • Mean: Mean number of login attempts
  • Standard Deviation: Variation of values from the mean

Fixed

  • Attempts: Fixed number of login attempts
Clone this wiki locally