Creating an Industrial Control System Honeypot with Conpot

In this subject we will follow a step by step instruction of installing an Industrial Control System honeypot. We will use CONPOT. The URL for it is
http://conpot.org and for documentation check:

The default configuration of Conpot simulates a basic “Siemens SIMATIC S7-200 PLC” with an input/output module and a CP 443-1 which would be needed in a real setup to provide network connectivity.

To install conpot run the commands below in a linux (Debian, Ubuntu, etc.)

$ sudo -i
# apt-get install libsmi2ldbl snmp-mibs-downloader python-dev libevent-dev libxslt1-dev libxml2-dev
# apt-get install python-pip
# easy_install -U setuptools
# apt-get install mysql-server (if you will use it)
# apt-get install python-mysqldb
# apt-get install libmysqlclient-de
# git clone https://github.com/mushorg/conpot.git
# cd conpot
# python setup.py install
Use the code below to run with default config:
# conpot -t default


Here is a screenshot of a successful run:


If you want to make changes here are the details:


config file:


default xml file:


This post was last modified on September 24, 2017, 1:07 pm

Categories: Security
Fuat Ulugay: