As of Security Onion 2.3.110, the Intrusion Detection Honeypot Node is now integrated into Security Onion - No need to use this script anymore!
Details here: https://blog.securityonion.net/2022/03/security-onion-23110-now-available.html
This project will convert a Forward Node into an Intrusion Detection Honeypot (IDH) Node. It is experimental and a work in progress.
This script requires a distributed grid with at least one Forward node.
Clone this repo onto the Manager:
git clone https://github.com/defensivedepth/so-idh.git
Then run the installation script:
sudo sh idh-setup.sh
You will be prompted to rerun the installation script, passing in the hostname of a Forward node as a parameter:
sudo sh idh-setup.sh <Forward Node Hostname>