These containers that the API spins up should not have access to the network. Attackers should not be able to see the other containers or devices on the local network, nor should they be able to access the public internet.
The reason we must place this restriction is because attackers can theoretically do harm on the network. They can run spamming scripts, or access illegal content under the guise of the honeypot's network address. This can be worrisome to the honeypot owner.
In the future, this can be configured as a command line argument. In the future, we may be able to use the Tor network to lessen suspicion of the bad actors. Of course, everyone has their own risk analysis.
Issue Summary
These containers that the API spins up should not have access to the network. Attackers should not be able to see the other containers or devices on the local network, nor should they be able to access the public internet.
The reason we must place this restriction is because attackers can theoretically do harm on the network. They can run spamming scripts, or access illegal content under the guise of the honeypot's network address. This can be worrisome to the honeypot owner.
In the future, this can be configured as a command line argument. In the future, we may be able to use the Tor network to lessen suspicion of the bad actors. Of course, everyone has their own risk analysis.