Cowrie [0] provides an SFTP and Telnet honeypot and you can configure the filesystem to serve your desired files. Not quite a passthrough for legitimate use, unfortunately
Yes sorry, the project improved a lot since then, all the issues raised in that thread were addressed and several new features were added: we now support serving Cloud Storage backend (such as S3) over SFTP/SCP, multi factor authentication, virtual folders, several filters (for example on file extensions, on source ip address), external authentication, serving Git repos over SSH, per directory virtual permissions (not related to OS permissions) ecc..
If you have any suggestions please open an issue, thanks!
Congrats on the new release, that's some serious new functionality. This seems like a really useful project for cases where you wouldn't want to give a user SSH access into a particular server.
Thank you for releasing it as free software, I will be following this project for later use!
How do you even remember a thread from last year? I'm always surprised by your vast knowledge required for moderation. Possibly with a help of some internal search tools?
10 comments
[ 2.8 ms ] story [ 39.6 ms ] threadHas anyone seen an FTP honeypot that would serve zip bombs to malicious users and allow legit users proper access?
Most of those people seem to grab and open those files without any security measures, docx, pdf, archives, often .exe
[0]: https://github.com/cowrie/cowrie
Because that's what I'd do if I hit a honeypot...
If you're going to make a Show HN out of a new release, it would be good to add a comment explaining what's different since last time!
If you have any suggestions please open an issue, thanks!
Thank you for releasing it as free software, I will be following this project for later use!
I do have some keyboard shortcuts in my moderation client software that help me bring up these search pages quickly.