FTP Honeypot - Fake FTP Server
Welcome to this exciting journey into cybersecurity. In this post, we discuss **FTP Honeypot**. FakeFTP (FTP Honeypot) is a Python tool designed to create a **fake FTP server** that appears to be real. It has authentication, connections, and commands like an actual FTP server, but none of them truly exist.
What is FTP?
FTP (File Transfer Protocol) is a protocol that enables the transfer of files between clients and servers. It follows a client-server model where clients send requests to download or upload files. FTP supports multiple authentication methods, directory listings, file permissions, and active/passive data transmission modes.
What is FakeFTP (FTP Honeypot)?
FakeFTP is a Python-based honeypot designed to mimic a real FTP server and trick attackers into engaging with it. FakeFTP supports connection handling, authentication, and common FTP commands, but none of these functions actually exist. Instead, it logs intrusions and captures valuable information about attackers.
When FakeFTP detects an intrusion attempt or scanning activity, it logs the attacker's **IP address** and other details. This allows security professionals to identify and respond to potential threats.
Compatibility
- Kali Linux 2023.4
- Parrot OS
- Windows 10
- Ubuntu
Requirements
To run FakeFTP, you need **Python 3** installed on your system.
Installation
You can clone FakeFTP using the following command:
# git clone https://github.com/********.git
# To get the code contact us
Launch
After cloning, navigate to the tool’s directory and run it:
cd Fakeftp
python3 Fakeftp.py
How FakeFTP Works
When an attacker tries to open the **FakeFTP server’s IP** in a browser, the honeypot captures additional data such as:
- Platform type
- Operating System (OSCPU)
- Screen size and viewport size
- Cookie status
- JavaScript status
- Internet speed
Conclusion
FakeFTP is a valuable tool for cybersecurity professionals to **detect and track** attackers. By simulating a legitimate FTP server, it can log and analyze malicious activity, helping organizations strengthen their network security.
Disclaimer
This post is for **educational purposes only**. It is meant to demonstrate how to detect and monitor attackers. Unauthorized use of FakeFTP for malicious purposes is illegal.