This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-1358
conpot
External Tool
External Data Source
GitHub
Unknown
Unknown
56 (lowest rank is 56)

Category & Restrictions

Other
cyber defense, honeypots
Unrestricted
Unknown

Description


Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems

ConpotFS designed to have "safe to use" os.* wrappers that could be used by protocols. We cannot allow chmod() like commands that may allow attackers to make arbitrary system calls.

At the same time - protocols such as FTP need chmod() like methods. Same goes for stat() etc. For this reason, we needed a file system that can operate on a layer above the actual file system and still provide the flexibility/robustness.

The Conpot's file system solves this problem by proxying the actual files kept at a controlled location.

Additional Details

2.5MB
false
Unknown
conpot, 1358, inferlink, corporation, inferlink corporation, external, external data source, source, methods, intelligence, control, industrial, honeypot, collect, targeting, motives, goal, systems, adversaries, ics, system, file, chmod, actual, protocols, os, time, location, conpots, attackers, arbitrary, calls, proxying, controlled, ftp, stat, designed, reason, commands, robustness, operate, provide, safe, files, other, layer, flexibility, wrappers, conpotfs, solves