Use a Raspberry Pi to trick hackers into thinking they’ve found a juicy target, then study them like ants in a jar

BAITING ATTACKERS TOWARDS your own hardware might not seem a particularly good idea, but if that hardware has nothing of value on it, and is suitably isolated from your other machines, then you can more or less lure them in with impunity. The goal of setting up a honeypot is not to revenge-hack attackers, but rather to detect attacks, and distract those responsible from more valuable targets.

Opening your home network up to the internet isn’t something that should be done lightly, though. If the honeypot machine was to be compromised, then it could be used as a staging post for attacking any services running on your network, including your home router. If you were foolish enough to run a honeypot on your desktop PC, then it’s possible that an attacker would gain not only root access it, but to all your files, passwords, browser history, and anything else you use it for.

DShield is an easy-to-use honeypot that can be installed anywhere. The Raspberry Pi is ideal for this because it’s cheap and the SD card can easily be wiped if something goes wrong. DShield is a distributed intrusion-detection system created by the Internet Storm Center (ISC). In its own words, “DShield collects data about malicious activity from across the internet. This data is catalogued and summarized and can be used to discover trends in activity, confirm widespread attacks, or assist in preparing better firewall rules.” So setting up a Pi-based DShield sensor, as they’re termed, will help the security of the internet in some small way. DShield uses Cowrie, which runs dummy SSH, web, and other services to tempt attackers and gather data about what they’re trying to do.