Honeypot cluster for security research


Introduction

To dive into attack research and build a database of potential attackers, I thought it’d be a great idea to set up my own infrastructure for analyzing security events.

Tech Stack:

Virtualization:

  • Proxmox (I’m not concerned about VM stability here)

Container Platform:

  • Kubernetes

Analytics Platform:

  • Dataiku
  • n8n
  • MinIO (works perfectly as a temporary storage solution, so scaling isn’t a priority)

Cloud Providers:

  • Yandex Cloud
  • VK Cloud
  • Hetzner Cloud
  • OVH
  • Various VPS providers

Networking:

  • pfSense
  • Nebula

REST API:

  • FastAPI
  • Yandex Query

Schema

