HonSSH - Log all SSH communications between a client and server

HonSSH is a high-interaction Honey Pot solution.

HonSSH will sit between an attacker and a honey pot, creating two separate SSH connections between them.


  • Captures all connection attempts to a text file.
  • When an attacker sends a password guess, HonSSH can automatically replace their attempt with the correct password (spoof_login option). This allows them to login with any password but confuses them when they try to sudo with the same password.
  • All interaction is captured into a TTY log (thanks to Kippo) that can be replayed using the playlog utility included from Kippo.
  • A text based summary of an attackers session is captured in a text file.
  • Sessions can be viewed or hijacked in real time (again thanks to Kippo) using the management telnet interface.  

Disqus Comments