Planting an EC2 honeypot seed
How to manually plant a EC2 honeypot type seed in your AWS tenant
Our EC2 honeypot seeds offer a range of great detection capabilities, deployed directly within your AWS tenant. You can read more about what they are, and how they work, here:
EC2 HoneypotThis page will show you have to do a full deployment of an EC2 seed
Instructions
Follow the clicks on the video, or the bullet points below
Create a new seed, ready to plant
Go to DEPLOYMENTS
Click ADD NEW
Give your new deployment a NAME and a DESCRIPTION that will help you identify it later
Chose your desired personality from the published selection of EC2 honeypot SEED TYPES
Select MANUAL as the destination, then click SUBMIT to create and run your new deployment
Click into your new deployment to view details and see the new seed created as status=available
Plant the seed
On the right side of your new seed, click the actions menu [...] then click PLANT
Provide a LOCATION and DESCRIPTION to help you understand where you planted this seed later, then click SUBMIT
You will be presented with an AWS Cloudformation link. Click (or copy-paste) the URL.
A new tab showing AWS cloudformation will open. You may be asked to authenticate to AWS if you have not already done so.
Make sure to chose the correct AWS account and region for deployment of your seed before going on to the next step
Select the SECURITY GROUP that you wish to apply to this Honeypot, and chose the appropriate SUBNET ID that you wish to deploy it in to, then click CREATE STACK to start the installation
Click on RESOURCES to see the ID of the new EC2 Honeypot. Take this link if you would like to see more details such as status and IP addresses
Return to the seedata.io tab and you'll see the status of you honeypot gets updated from "Waiting for heartbeat" to "GOOD" within a minute or so
Last updated