Introduction to Deutsche Telekom's Honeypot Project
Deutsche Telekom’s honeypot project was started in 2010 by a small group of enthusiasts. We initially started with Lukas Rist’s great Glastopf web honeypot and soon added further honeypot daemons like kippo, honeytrap and dionaea. Over the next years we deployed more and more honeypots.
Data captured on our honeypot sensors is visualized on our Sicherheitstacho and we further use the information e.g. to inform our customers regarding infections.
We currently run about 180 honeypot sensors as part of Deutsche Telekom’s early warning system. Individual maintenance of such large number of systems became a time consuming and painful task. As a first step we created a standardized Raspberry PI honeypot image, which is managed by Puppet and distributed across our national subsidiaries. To increase the efficiency even more, we decided to build T-Pot, a highly modular approach.
Please understand that we cannot provide support on an individual basis. We will try to address questions, bugs and problems on our GitHub issue list.
We want to thank the following people / organizations / projects for their great work.
- Lutz Wischmann (our consultant / friend / main developer of Sicherheitstacho / Honeypot backend systems)
- Honeypot developers for their patient support for our individual feature requests
- The Honeynet Project for providing great tools and a platform for discussion
- Christian Müller / Mark Bolten from CRONON / Strato for (as always) great support
- Andreas Kraft & Alexander Mannecke for their cool dsl router protection demo based on honeypot data and the mobile sicherheitstacho app
Deutsche Telekom’s Honeypot Team
The team consists of several people, who spend some work time and private time on this project.
- Markus Schroer
- Rainer Schmidt
- Markus Schmall
- André Vorbach
- Marco Ochse
- Norbert Krummen
- another unnamed individual ;-)
Initial Jekyll template written by Dirk Fabisch
You can download the theme here: https://github.com/dirkfabisch/mediator