Lab 11.3.6 Create a Honeypot with Pentbox [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3]

Q1What message is displayed?

Your answer: Access denied

Correct answer: Access denied

Q2What is the IP address associated with the intrusion attempt?

Your answer: 147.191.29.25

Correct answer: 147.191.29.25

Explanation

In this lab, your task is to:

• Use Pentbox to create a honeypot on www_stage.
• Test the honeypot on Consult-Lap using www_stage.corpnet.xyz in Chrome.
• Verify the intrusion on www_stage.
• Answer the questions.

Complete this lab as follows:

1. Use Pentbox to create a honeypot on www_stage as follows:
   1. From the Favorites bar, open Terminal.
   2. At the prompt, type cd pentbox-1.8 and press Enter to change to the pentbox directory.
   3. Type ./pentbox.rb and press Enter to start Pentbox.
   4. Type 2 and press Enter to select Network Tools.
   5. Type 3 and press Enter to select Honeypot.
   6. Type 1 and press Enter to select Fast Auto Configuration.
2. Test the honeypot using Chrome as follows:
   1. From the top navigation tabs, select Buildings.
   2. Under Red Cell, select Consult-Lap.
   3. From the task bar, open Chrome.
   4. In the URL field, enter www_stage.corpnet.xyz and press Enter.
   5. In the top right, select Answer Questions.
   6. Answer Question 1.
   7. Minimize the Lab Questions dialog.
3. Review the effects of the intrusion on www_stage as follows:
   1. From the top navigation tabs, select Buildings.
   2. Under Building A, select Basement.
   3. Under Basement, select www_stage.
      Notice the INTRUSION ATTEMPT DETECTED message at the bottom of the Pentbox window.
4. In the top right, select Answer Questions.
5. Answer Question 2.
6. Select Score Lab.