Giter Site home page Giter Site logo

azure-vm-config's Introduction

Azure-VM-Config

Configuring and Implementing a Honeypot in Azure

To start off this Azure Honeynet project, we must first set up the virtual machines (VMs) we'll use. Virtual machines are like computers in the cloud, and they'll form the foundation of our honeynet. Here are the steps we'll take in Microsoft Azure:

  1. Sign in to the Azure portal: The first step is to log into your Azure account. If you don't have an account yet, you'll need to create one!
2. Create a virtual machine:

  • Once you're in the Azure portal, navigate to the 'Virtual machines' section.

    >

  • Click on 'Create', then 'Virtual machine'. This is where we'll set up our new VM!

3. Configure the VM settings:

  • Subscription and resource group: We'll select our Azure subscription and resource group (Which is way to group and manage resources in Azure!). For the purpose of the project, I already created created a resource group called Honeypot1

  • Virtual Machine Name: For the purpose of this project, I am going to name this VM, honeypot-vm

  • Region: For the purpose of this project, I am going to choose the region, (US) East US 2

  • Availability Options: Being that the only purpose of this machine will be to act as a Honeypot, we do not require any form of availability, so I selected No infrastructure redundancy required

  • Security Type: select Standard

  • Image: Select Windows 10 Pro, version 22H2 - x64 Gen2

4. NSG/Inbound Security Rule Configuration:

  • Navigate to the Network Security Group (NSG): In the Azure portal, search for 'Network Security Groups' in the search bar at the top. Once there, select the NSG associated with your virtual machine.

  • Create an inbound security rule: Inside the NSG, you'll find a section for 'Inbound security rules'. This is where we control what kind of traffic is allowed to reach our VM. Click on 'Add' to create a new rule.

  • Configure the rule: We'll be prompted to input some details about our new rule.

  • Source: This defines where the incoming traffic is coming from. We can set this to Any to allow traffic from any location.

  • Source port ranges: This specifies the ports on the source (the computer initiating the connection) that are allowed. Again, we can set this to * or Any to allow all ports.

  • Destination: This defines where the traffic is going to. Since we want the traffic to reach our VM, we can set this to Any.

  • Destination port ranges: This specifies the ports on our VM that are allowed to receive traffic. We can set this to * or Any to open all ports.

  • Priority: Setting priorities in Network Security Groups (NSGs) is an essential step. The priority determines the order in which rules are applied. Rules with lower priority numbers are processed before rules with higher priority numbers because the lower the number, the higher the priority. For the purpose of this lab, I set the priority to 100 to ensure that this honeypot functions as intended!

  • Action: We'll set this to Allow, which means that traffic matching this rule will be allowed to reach our VM.

  • Review & Create: After i've input and configured all the details we need for this inbound rule, click 'Add' to create the rule. e

Conclusion

By creating our VMs and open inbound security rules, we're essentially leaving the front door of our VM wide open. This is generally not something you'd do in a real production environment, as it would make your system extremely vulnerable to attacks. However, in the context of our honeynet, it's exactly what we want to do!

This allows us to attract potential attackers and observe their actions in a controlled environment.

azure-vm-config's People

Contributors

felixsalto1 avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.