Walter.Net.HoneyPot 2023.2.11.1628

Prefix Reserved

There is a newer version of this package available.
See the version list below for details.

dotnet add package Walter.Net.HoneyPot --version 2023.2.11.1628

NuGet\Install-Package Walter.Net.HoneyPot -Version 2023.2.11.1628

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="Walter.Net.HoneyPot" Version="2023.2.11.1628" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

<PackageVersion Include="Walter.Net.HoneyPot" Version="2023.2.11.1628" />
                    

                            Directory.Packages.props

<PackageReference Include="Walter.Net.HoneyPot" />
                    

                            Project file

For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.

paket add Walter.Net.HoneyPot --version 2023.2.11.1628

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: Walter.Net.HoneyPot, 2023.2.11.1628"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

#:package Walter.Net.HoneyPot@2023.2.11.1628

#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.

#addin nuget:?package=Walter.Net.HoneyPot&version=2023.2.11.1628
                    

                            Install as a Cake Addin

#tool nuget:?package=Walter.Net.HoneyPot&version=2023.2.11.1628
                    

                            Install as a Cake Tool

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

About the Honey-Pot detector

The honey pot detector allows to detect and interact with applications that are attempting to communicate with your server via a particular port. Understanding who is maliciously trying to exploit the system helps identify bad actors and will allow you to tune the system alerting an attempt by a system classified as being a bad actor and will allow the framework to block any requests and or return a payload.

Integrating the honey-pot detector in your application

Integrating the honey-pot listener takes 3 steps.

step 1:

Foreword ports in your edge switch to ports monitored by the honey-pot configuration. A recommendation is to map the ports to a free port not used by the server. An example map port 22 to port 60022 and configure the honey-port to watch any communication on port 4000

step 2

Configure the firewall to allow communication on port 4000.

step 3

Configure the application to subscribe to the port detections. To do this in the firewall you should use a configuration similar to this:

services.AddFireWall()
        .UsePortScannerProtection(connectionString: DatabaseConnections.FireWallState, options =>
               {

                   /* map the service ports to a local port on your computer
                   *  Redirect the requests to your computer and open the firewall 
                   *  for the redirected ports */

                   options.SSH = 4000; // map port 22 to port 4000 on your router 
                   options.TSQL = 4001; // map port 1433 to port 4001 on your router 
                   options.Telnet = 4002; // map port 23 to port 4002 on your router 
                   options.MYSQL = 4005; // map port 3306 to port 4005 on your router
                   options.DNS = 4006; // map port 53 to port 4005 on your router
                   options.Telnet 4007; //map port 23 to port 4007 on your router;

                   /*you can manually map port aliases in the range from 0 till 65535*/
                   options.AddOrUpdate(externalPort: 587, internalPort: 4007, name: "ESMTP Extended Simple Mail Transfer Protocol");
                   options.AddOrUpdate(externalPort: 647, internalPort: 4008, name: "DHCP Fail-over");

                   /*Record up-to 8,000 character when someone is trying to attack the service for legal reporting*/
                   options.MaximumDataSizeToAccept = 254;

                   /*Look between every 100ms and 30000ms if someone is trying to gain access to the system */
                   options.PoolFrequency = 100;

                   /* Add a default reply to any connection, you can send an auto-reply 
                    * You can use the template values:
                    * {IP}  - the attackers IP address
                    * {Port}- the port being attacked
                    * {Name}- the name of the alias being used
                    * {ISP} - the name of the Internet service provider that the attacker is using will be injected
                    * {Country} - the country name will be injected
                    * to personalize the message or leave it blank to record silently*/
                   options.DefaultReply = "This service is being monitored and we have detected your intentions attack {Name}" +
                                          " via {IP}:{Port} to gain unlawful access to the system, please note that any unlawful" +
                                          " activity will be reported to {ISP} as well as the relevant authorities in {Country}";

               })

The above code assumes that you are using the FireWall from NuGet package Walter.Web.FireWall. If you are using any of the services that you are monitoring then map the default ports to custom ports on your router there are 2 steps for this:

Map the custom port on the router, an example map 222 to port 22
Use port 222 to connect using SSH

Please note that a lot of attackers are looking for victims using port scanners to target venerable IP addresses before attacking a system. You can have a look here and see how these attacks are being executed.

Product	Compatible and additional computed target framework versions.
.NET	net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 is compatible. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed.

Product

.NET

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

net6.0
- Microsoft.Extensions.Configuration.Binder (>= 7.0.2)
- System.IO.Pipelines (>= 7.0.0)
- Walter.Net.LookWhosTalking (>= 2023.2.11.1628)
- Walter.Net.Networking (>= 2023.2.11.1628)
net7.0
- Microsoft.Extensions.Configuration.Binder (>= 7.0.2)
- System.IO.Pipelines (>= 7.0.0)
- Walter.Net.LookWhosTalking (>= 2023.2.11.1628)
- Walter.Net.Networking (>= 2023.2.11.1628)

NuGet packages (1)

Showing the top 1 NuGet packages that depend on Walter.Net.HoneyPot:

Package	Downloads
Walter.Web.FireWall Enhance .NET applications with a robust firewall, designed as middleware and IActionFilter, protecting against CVE attacks, web scraping, and phishing. Configurable via annotations and a rule engine services.AddFireWall(FireWallTrial.License, FireWallTrial.DomainKey , domainName: new Uri("https://www.your-domain.com", UriKind.Absolute) , options => { //your options }); Have a look at the GitHub samples at https://github.com/ASP-WAF/FireWall and https://github.com/ASP-WAF/FireWall/wiki to see how to use the firewall in applications. You can view the firewall in action using https://www.asp-waf.com/Firewall You can get started with the firewall using the samples shown in https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf as well as the on line documentation at https://firewallapi.asp-waf.com/	1.4M

Package

Downloads

Walter.Web.FireWall

Enhance .NET applications with a robust firewall, designed as middleware and IActionFilter, protecting against CVE attacks, web scraping, and phishing. Configurable via annotations and a rule engine services.AddFireWall(FireWallTrial.License, FireWallTrial.DomainKey , domainName: new Uri("https://www.your-domain.com", UriKind.Absolute) , options => { //your options }); Have a look at the GitHub samples at https://github.com/ASP-WAF/FireWall and https://github.com/ASP-WAF/FireWall/wiki to see how to use the firewall in applications. You can view the firewall in action using https://www.asp-waf.com/Firewall You can get started with the firewall using the samples shown in https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf as well as the on line documentation at https://firewallapi.asp-waf.com/

1.4M

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last Updated
2025.8.13.1223	186	8/13/2025
2025.7.30.1003	103	7/30/2025
2025.7.10.1347	209	7/10/2025
2025.6.30.1407	254	7/1/2025
2025.6.12.1057	369	6/12/2025
2025.4.17.1816	276	4/17/2025
2025.3.13.1323	240	3/13/2025
2025.2.26.1642	207	2/26/2025
2025.2.25.1033	190	2/26/2025
2025.2.24.1556	192	2/25/2025
2025.2.16.1149	259	2/19/2025
2025.2.15.1316	204	2/15/2025
2025.1.16.1410	180	1/16/2025
2025.1.4.1941	230	1/4/2025
2025.1.3.1457	148	1/4/2025
2025.1.2.1544	190	1/3/2025
2024.12.14.838	230	12/14/2024
2024.12.13.1227	201	12/13/2024
2024.12.9.1107	198	12/13/2024
2024.11.28.1632	196	11/28/2024
2024.11.20.644	315	11/21/2024
2024.11.15.421	295	11/15/2024
2024.11.11.1334	202	11/14/2024
2024.11.6.1222	277	11/6/2024
2024.10.28.1605	297	10/28/2024
2024.10.28.1335	262	10/28/2024
2024.10.19.1525	274	10/20/2024
2024.10.18.1315	270	10/18/2024
2024.9.27.1406	256	9/27/2024
2024.9.17.1417	321	9/17/2024
2024.9.12.1923	336	9/12/2024
2024.9.6.1352	333	9/7/2024
2024.9.1.1159	327	9/1/2024
2024.8.26.1150	366	8/26/2024
2024.8.19.1411	347	8/19/2024
2024.8.17.1000	364	8/17/2024
2024.8.12.1622	337	8/13/2024
2024.8.5.1010	315	8/5/2024
2024.8.1.1545	422	8/16/2024
2024.7.28.629	208	7/28/2024
2024.7.26.1512	199	7/26/2024
2024.7.26.828	198	7/26/2024
2024.7.11.1604	310	7/11/2024
2024.7.9.1520	327	7/9/2024
2024.7.4.1425	312	7/4/2024
2024.7.3.1249	331	7/3/2024
2024.7.2.1536	352	7/2/2024
2024.6.28.953	324	6/28/2024
2024.6.6.1320	156	6/8/2024
2024.5.15.1634	148	5/15/2024
2023.11.13.1117	1,670	11/13/2023
2023.10.26.1502	1,592	10/29/2023
2023.10.12.1926	1,726	10/12/2023
2023.9.14.812	1,865	9/14/2023
2023.9.7.1748	1,884	9/7/2023
2023.9.7.1241	1,848	9/7/2023
2023.9.6.1001	1,830	9/6/2023
2023.9.5.1246	1,849	9/5/2023
2023.9.5.1032	1,848	9/5/2023
2023.8.31.1522	1,914	8/31/2023
2023.8.29.1040	1,927	8/29/2023
2023.8.17.901	1,982	8/17/2023
2023.8.9.1314	2,111	8/9/2023
2023.8.2.750	2,182	8/2/2023
2023.7.12.830	2,137	7/12/2023
2023.7.5.1419	2,226	7/6/2023
2023.6.14.1628	2,260	6/14/2023
2023.6.11.1304	2,391	6/11/2023
2023.5.30.1640	2,325	5/30/2023
2023.5.4.1552	2,408	5/4/2023
2023.5.1.1524	2,359	5/1/2023
2023.4.29.910	2,563	4/29/2023
2023.4.12.1236	2,581	4/12/2023
2023.3.22.1456	2,690	3/22/2023
2023.3.14.1356	2,835	3/14/2023
2023.3.1.810	2,853	3/1/2023
2023.2.25.11857	2,876	2/25/2023
2023.2.22.27	2,860	2/22/2023
2023.2.15.1413	2,925	2/15/2023
2023.2.11.1628	2,977	2/11/2023
2023.1.11.534	3,122	1/11/2023
2022.12.30.711	3,193	12/30/2022
2022.12.16.1536	1,037	12/16/2022
2022.12.15.1241	994	12/16/2022
2022.12.15.1108	3,173	12/15/2022
2022.12.14.648	3,286	12/14/2022
2022.11.27.1059	3,304	11/27/2022
2022.11.21.338	3,361	11/21/2022
2022.11.14.1819	3,457	11/14/2022
2022.11.13.917	3,422	11/13/2022
2022.11.7.1632	1,096	11/13/2022
2022.10.31.740	6,104	11/1/2022
2022.10.15.652	6,619	10/15/2022
2022.10.1.810	6,940	10/1/2022
2022.9.26.1444	6,956	9/26/2022
2022.9.14.1508	7,087	9/14/2022
2022.9.14.809	7,155	9/14/2022
2022.9.8.1009	7,259	9/8/2022
2022.8.20.1007	7,161	8/20/2022
2022.8.1.1	7,284	7/31/2022
2022.7.1300	7,525	7/1/2022
2022.7.31.1016	7,383	7/31/2022
2022.7.15.841	7,375	7/15/2022
2022.6.21.647	7,386	6/21/2022
2022.5.18.638	7,391	5/19/2022
2022.5.16.853	7,528	5/19/2022
2022.5.16.816	7,498	5/16/2022
2022.5.4.1010	7,450	5/4/2022
2022.4.10.947	7,961	4/10/2022
2022.4.10.925	7,905	4/10/2022
2022.4.10.828	7,879	4/10/2022
2022.4.1.1545	8,127	4/1/2022
2022.3.31.823	6,949	3/31/2022
2022.3.26.1103	8,110	3/26/2022
2022.3.26.820	7,764	3/26/2022
2022.3.25.840	7,158	3/26/2022
2022.3.24.1701	1,331	3/25/2022
2022.2.16.1131	8,299	2/17/2022
2022.2.16.834	8,121	2/17/2022
2022.2.15.824	2,248	2/17/2022
2022.2.11.1452	2,378	2/17/2022
2022.2.11.931	2,198	2/17/2022
2022.2.5.1114	8,389	2/5/2022
2022.1.17.1158	8,165	1/17/2022
2022.1.10.1505	8,533	1/10/2022
2022.1.10.537	8,536	1/10/2022
2022.1.5.1139	7,955	1/8/2022
2021.12.28.1452	9,011	12/28/2021
2021.12.16.812	8,647	12/16/2021
2021.11.23.1528	14,890	11/24/2021
2021.11.21.925	14,878	11/22/2021
2021.11.19.1503	1,116	11/22/2021
2021.11.19.847	9,766	11/19/2021
2021.11.18.1824	9,165	11/16/2021
2021.11.10.852	9,961	11/10/2021
2021.11.9.2021	9,511	11/9/2021
2021.11.8.2109	7,255	11/9/2021
2021.11.8.1612	7,782	11/8/2021
2021.11.7.1021	7,839	11/8/2021
2021.11.3.1612	8,128	11/4/2021
2021.11.1.1102	6,676	11/1/2021
2021.10.25.1206	8,228	10/25/2021
2021.10.23.1310	8,049	10/25/2021
2021.10.19.1522	8,071	10/19/2021
2021.10.16.1325	7,978	10/18/2021
2021.10.9.1119	283	10/9/2024
2021.10.6.1546	8,005	10/6/2021
2021.10.5.1450	8,196	10/5/2021
2021.10.4.1155	8,203	10/5/2021
2021.10.4.807	1,180	10/5/2021
2021.10.1.753	8,213	10/1/2021
2021.9.27.1005	7,635	9/28/2021
2021.9.26.1913	8,300	9/26/2021
2021.9.19.1015	7,970	9/19/2021
2021.9.17.1702	4,816	9/17/2021
2021.9.17.1449	10,800	9/17/2021
2021.9.13.1600	6,194	9/13/2021
2021.9.12.1100	4,580	9/13/2021
2021.9.11.2004	7,505	9/11/2021
2021.9.9.1110	8,006	9/9/2021
2021.9.7.1901	8,165	9/8/2021
2021.9.7.1121	8,283	9/7/2021
2021.9.7.927	1,180	9/7/2021
2021.9.6.1518	7,685	9/7/2021
2021.9.4.1124	8,076	9/4/2021
2021.9.2.708	7,801	9/4/2021
2021.9.0.1259	7,754	9/2/2021
2021.8.2200	7,205	8/23/2021
2021.8.2100	8,061	8/23/2021
2021.8.22.900	8,237	8/22/2021
2021.8.18.1500	8,179	8/18/2021
2021.8.18.930	8,088	8/18/2021
2021.8.14.1600	8,121	8/16/2021
2021.8.14.829	3,952	8/14/2021
2021.8.9.1105	8,139	8/9/2021
2021.8.8.1612	7,858	8/8/2021
2021.8.8.1138	7,091	8/8/2021
2021.8.6.1044	7,831	8/6/2021
2021.8.4.1355	8,413	8/5/2021
2021.7.30.2118	8,359	7/31/2021
2021.7.27.926	8,280	7/28/2021
2021.7.23.931	8,515	7/26/2021
2021.7.22.1456	7,983	7/23/2021
2021.7.15.1547	8,097	7/15/2021
2021.7.13.812	7,910	7/13/2021
2021.7.8.1527	8,264	7/10/2021
2021.7.5.1649	7,242	7/5/2021
2021.6.29.1453	8,417	6/30/2021
2021.6.26.1753	8,712	6/27/2021
2021.6.25.1849	8,308	6/25/2021
2021.6.24.1518	8,290	6/24/2021
2021.6.20.729	15,745	6/20/2021
2021.6.14.2025	8,462	6/15/2021
2021.6.13.2035	8,742	6/14/2021
2021.6.12.1154	8,109	6/13/2021
2021.6.9.1120	8,484	6/9/2021
2021.6.7.2103	1,189	6/7/2021
2021.6.3.1509	8,083	6/3/2021
2021.5.31.1533	8,344	5/31/2021
2021.5.31.1415	8,335	5/31/2021
2021.5.25.1732	7,277	5/25/2021
2021.5.24.1128	8,043	5/24/2021
2021.5.24.1019	7,909	5/24/2021
2021.5.12.1054	7,900	5/12/2021
2021.5.12.637	6,276	5/12/2021
2021.5.10.1442	7,366	5/11/2021
2021.5.8.1226	7,844	5/8/2021

Major releases that add functionality other than optimization and minor bug fixing
11 January 2023
- update to 7.0.2, 6.0.13 SDK and build tools for 17.4.4

14 December 2022
- Update to .Net SDK 3.1.426, 6.0.404 and 7.0.101

7 December 2022
- re-enable support for .net standard 2.1

21 November 2022
- Update to integrate the .net 7.0 cypher package release
- Update package references

14 November 2022
- Update NuGet Packages

6 November 2022
- Add support for .Net 7

15 November 2022
- Update NuGet package references

1 October 2022
- Update build with new SDK
- Update code sign certificates

14 September 2022
- Update to include new package 6.0.X and Microsoft CVE-2022-38013

02 September 2022
- Please make sure to update servers using this packages due to a security bug in .net
> System.Security.Cryptography.Xml 4.5.0 Moderate https://github.com/advisories/GHSA-2m65-m22p-9wjw
> System.Text.Encodings.Web 4.5.0 Critical https://github.com/advisories/GHSA-ghhp-997w-qr28

15 June 2022
- Update to support .net 6.0.7 and 3.1.27
- Update package references

21 June 2022
- Update package references
- Update compiler warning

4 May 2022
- Update NuGet References
- Update API definition

15 March 2022
- update to 6.0.3

5 March add base classes used by IDPS framework
- Service discovery updates

24 January 2022
- Add Property monitoring, changing properties at runtime will alter the listening scope and definition
- Allow adding and removing listener while the service is active
- Allow excursive or shared use of ports

16 December 2021
- Update to .Net SDK update 14 December for .NET CORE 3.1.416, and .NET 5.0.404 and 6.0.101

9 November 2021
- Fix package dependency on vulnerable packages from Microsoft by upgrading vulnerable packages

08 November 2021
- Update to .Net NuGet packages .NET 6.0.0, .NET 5.0.403 and core 3.1.415

3 November 2021
- Trigger a on keyword events when a exploit was detected with a given word in the stream send to the socket

2 November 2021
- update port mapping allowing for binding ports from configuration file skipping non-mapped ports with a value of 0

11 October 2021
- CodeSign the binaries as well as the NuGet package for executing in a trust-platform

1 October 2021
- Add additional blocking reason for firewall rule engine to use when getting a port scan or a port exploit in IHoneyPotPortDetection
- Add support for Hex-Dump reading the received data making the data human readable
- Add abstract of the block reason to IHoneyPotPortDetection
- Update capturing missing intercept locations in the report API

26 September 2021
- Update process handling to store actual response not the response template
- Add Date-time stamp for each triggered contact

19 September 2021
- Update NuGet packages release for .Net 5.0.10

4 September 2021
- Add default port configuration for WAC and Tomcat

8 Aug 2021
- update to .NET 6.0 SDK (v6.0.100-preview.6)

30 June 2021
- Add .Net 6.0 binaries to the nuget package

23 June 2021
- Save native attack stream in IHoneyPotPortDetection as Base64 string allowing for attack-replay

15 June 2021
- Update to .Net Core 3.1.17 and .Net 5.0.8 SDK

19 June 2020
- Record data send to the honey-pot based on text encoding detection text

11 June 2021
- Update store GuardResponse in data tables
- Add trace route to detected incident if the option is set

09 June 2021
- Update to .Net SDK 5.0.301 and 3.1.410

07 June 2021
- Update NuGet Package references

31 May 2021
- Update to more efficiently extract WHOIS data for more possible attackers

12 April 2021
- Update to new code base after .net security violation fix

10 May 2021
- Update Database based storage

05 April 2021
- Update process data processing
- Log requests that do not send data

22 March 2021 - performance update
- Logging update