glutton as a sensor

[nassimabedi]

I think about using glutton as a sensor in a network and I think about a way (protocol) to communicate between sensors and server or maybe communicate between sensors. I think about ZeroMQ or something like that. If you think it is a good idea I can create a PR for that.

[glaslos]

Hm, at its current state, I don't see a benefit for Glutton sensors to communicate with each other 🤔 What could we use this for?

With SNARE/Tanner the idea was that if the first sensor didn't make it past the first stage, the next sensor would try a different response. This would also be super relevant for Glutton but would require quite some work. E.g. the TCP handler could try different response, or even higher up, we could use a different protocol handler. In the Telnet handler we could attempt different responses to see which make it to the next stage.

[nassimabedi]

Actually, the main idea was to store data log from sensors on a server to communicate with data analysis systems At that time, I was looking for an optimal way to place several sensors of gluten in different places of a network and logs in a central server and this server have the ability to communicate with other systems for reporting or analysis and ... This feature allows simultaneous communication for other systems to use honeypot logs.

[glaslos]

Have a look at https://github.com/honeynet/ochi