but before I do, I figured I’d ask if anyone’s aware of any tools/software that covers my basic needs of setting something basic that may alert me if there are any intruders in the network?
Needs:
- Fake ssh login that can trigger a script so I can take care of the rest.
- Fake network share (cifs/samba) that can trigger a script if anything tries to access it.
Would be great if there are any docker images I can just pull, make some minor edits, and run.
Thanks!
People were close, but what you actually want is OpenCanary. It fakes SSH and Samba services and can be configured to alert you when triggered.
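As an added example (not part of the answer above and not OpenCanary's own code), one way to get the "trigger a script" behaviour is to read OpenCanary's JSON log lines and call a handler for SSH login attempts and SMB file opens. The logtype codes 4002 and 5000, the `logdata` field names, and the script path are assumptions to verify against your installed version.

```python
import json
import subprocess

# Assumed OpenCanary logtype codes; check them against your installed version.
WATCHED = {4002: "ssh-login-attempt", 5000: "smb-file-open"}
ALERT_SCRIPT = "/usr/local/bin/on-canary-alert.sh"  # hypothetical path

# Constructed sample lines shaped like OpenCanary's JSON log output.
SAMPLE_LOG = [
    '{"logtype": 4002, "src_host": "10.0.0.77", "dst_port": 22, '
    '"logdata": {"USERNAME": "root", "PASSWORD": "example"}}',
    '{"logtype": 1001, "src_host": "", "logdata": {"msg": "Canary running"}}',
    'truncated or non-JSON line',
    '{"logtype": 5000, "src_host": "10.0.0.77", "dst_port": 445, '
    '"logdata": {"FILENAME": "payroll.xlsx"}}',
]

def parse_alert(line):
    """Return (kind, src_host, detail) for a watched event, else None."""
    try:
        event = json.loads(line)
    except ValueError:
        return None
    if not isinstance(event, dict) or not isinstance(event.get("logtype"), int):
        return None
    kind = WATCHED.get(event["logtype"])
    if kind is None:
        return None
    logdata = event.get("logdata")
    if not isinstance(logdata, dict):
        logdata = {}
    detail = logdata.get("USERNAME") or logdata.get("FILENAME") or ""
    return kind, str(event.get("src_host", "")), str(detail)

def run_alerts(lines, runner=subprocess.run):
    """Call the alert script once per watched event; return the commands."""
    fired = []
    for line in lines:
        alert = parse_alert(line)
        if alert:
            # Argument list, no shell: usernames and filenames are attacker
            # controlled and must never be interpolated into a command line.
            cmd = [ALERT_SCRIPT, *alert]
            runner(cmd, check=False)
            fired.append(cmd)
    return fired

if __name__ == "__main__":
    run_alerts(SAMPLE_LOG, runner=lambda cmd, **kw: print("would run:", cmd))
```

In real use, feed `run_alerts` the lines of the log file configured in OpenCanary's logger handler instead of `SAMPLE_LOG`.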