-
Notifications
You must be signed in to change notification settings - Fork 5
Automatic Access
Toby Lin edited this page Apr 20, 2022
·
9 revisions
-
MITM compromises a honeypot by placing the credentials (username and password) used by the attacker's login attempt onto the container.
-
Important Note: The container makes the ultimate decision. The container's /etc/ssh/sshd_config file has the ability to deny login credentials even though they may be valid (e.g.
DenyUsers root
orPermitRootLogin no
) -
- Instance is defined as each executable run and thus must kill the MITM and restart it to re-enable automatic access.
Normal Distribution
- Mean: Mean number of login attempts
- Standard Deviation: Variation of values from the mean
Fixed
- Attempts: Fixed number of login attempts