but before I do, I figured I’d ask if anyone’s aware of any tools/software that covers my basic needs of setting something basic that may alert me if there are any intruders in the network?

Needs:

  1. Fake ssh login that can trigger a script so I can take care of the rest.
  2. Fake network share (cifs/samba) that can trigger a script if anything tries to access it.

Would be great if there are any docker images I can just pull, make some minor edits, and run.

Thanks!

    • ᗪᗩᗰᑎ@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      28
      ·
      1 year ago

      I plan on making it available inside my own network, not public. This way if someone makes it past my security, I at least have something that might “catch” them in the act and disable my network so I can intervene. Just another security layer.

      • chandz05@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        I have never thought about doing this… But this is actually such a good idea. I’m probably going to set this up myself

    • lilShalom@lemmy.basedcount.com
      link
      fedilink
      English
      arrow-up
      21
      arrow-down
      1
      ·
      1 year ago

      If you place this on the inside of your network and it triggers, youre either compromised or a scanner/ person triggered it.

    • recursive_recursion [they/them]A
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      1
      ·
      edit-2
      1 year ago

      one of the best ways to protect your friends is to leave juicy bait that only zero-sum people would try to steal

      plus wasting malicious user’s time also provides multiple benefits such as reducing the prevalence of spam and DDoS attacks