but before I do, I figured I’d ask if anyone’s aware of any tools/software that covers my basic needs of setting something basic that may alert me if there are any intruders in the network?

Needs:

  1. Fake ssh login that can trigger a script so I can take care of the rest.
  2. Fake network share (cifs/samba) that can trigger a script if anything tries to access it.

Would be great if there are any docker images I can just pull, make some minor edits, and run.

Thanks!

  • iMeddles@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    1 year ago

    Thinkst have also published opencanary which you can run yourself and contains a decent subset of what their hardware canaries run, including SSH and cifs.