Honeypot enabled ... and then ...?

Turris OS version? What device? honeypot = ssh honeypot bundle in Foris? Did you have enable Data Collection bundle in Foris?

Here is Turris Omnia with 4.0.1
Yes it was honeypot option in Foris … but ssh was not written there ?!
(I dont know exactly.)
Where do I enable Data Collection Bundle ?!
TY.

I’m on Omnia, but 3.11.8, because I have a problem with SFP and PPPoE. The Data Collection bundle should always be in Update on Foris. But perhaps by selecting honeypot, the other enables itself alone. However, once both bundles are active, in Foris you must go to Data Collection (left) and enable data collection, following the on-screen instructions, which will direct you to the Turris project homepage. Once the device is registered on the Turris project homepage, it will take about an hour before the device appears on the web page to manage honeypot. The honeypot management page is haas.nic.cz

https://project.turris.cz/en/data/xxxx/show#/

where xxxx … is number youre session after login

and port 22 https://haas.nic.cz/

Have you registered? Received the token on the Project Turris page? Have you confirmed your email address?

Yes

https://doc.turris.cz/doc/en/howto/ssh_honeypot

Where can I find Registration code needed for my registration on Project Turris?
It’s not the router serial number, I tried.

I have a Indiegogo MOX. There’s no registration code on the cardboard box.

https://project.turris.cz/en/data/register-router

Normally you can see it in Foris under data collection.

Weird. I don’t see Data Collection in the Turris menu.

I tried:

  1. uninstall Data Collection via Updater
  2. reboot
  3. install Data Collection
  4. reboot

but it’s still not there.

Any ideas? Do I have to do something in LuCI?

This is in my menu:
Notifications, Password, Remote Access, Network Interfaces, WAN, LAN, Guest Network, Region And Time, DNS, Wi-Fi, Maintenance, Updater, OpenVPN, Storage, Netmetr, Pakon, Diagnostics, About.

Installed Updater / Packages:
Data Collection
SSH Honeypot
LuCI extensions
NAS
Internet connection speed measurement
OpenVPN
Pakon

languages: only CS

For everyone that try to see data collection in foris and whose are on Turris OS 4.0.x: there is not implementation in foris yet. I have ask in forum if anyone knows a way to setting data collection and honeypot by command line. Turris OS 4.O.1 is a great evolution, but it has stolen too much features. Hope those features come back early.

So one of the most advertised features is missing in TO 4? WTF?

Yes and on Omnia SFP and switch on second CPU doesn’t work. If you want this feature stay on 3.11.x. But that’s a project of 5 years ago.

Let me correct you. I have no idea who come up with this nonsence but it is not true and that CPU switch thing does not even make sense. It is all right I just want to make things clear and right.

SFP wasn’t “supported” only quite early in the development process od 4.0. The automatic SFP and metalic switch is not supported. You have to switch it manually by relinking devicetree link in /boot. This is fixed on Omnia 2019 already by new uboot and will be fixed on rest of them once we update uboot on all of them with future update. Non the less SFP works. You might just have problems with some modules as support is now fully done by kernel and not by userspace utility now.

There are two ethernet ports going to switch chip. Both of them are accessible trough both of the CPU cores. The problem is that DSA that is now used by kernel to automatically manage switch chip and it in its design supports only one link between CPU and switch. Most of the users won’t notice any change unless they use that second line as deditated gigabit connection. This was also “fixed” in one of late betas and now second link is used for Lan4. There are plans with upstream to make that configurable (moving lan ports between eth0 and eth1).

I have an Omnia 2019 and on 4.0.1 the automatic transition from WAN port to SFP does not work and unfortunately my SFP module is not compatible. I still use the WAN port with a transceiver and ethernet cable, so I solved it. To think that the SFP cage was one of the reasons I chose Turris Omnia. So it should be stated that due to the mainstream OpenWRT the SFP port is something that is fortunate and not a real feature. That is, it is a feature for those that work. As for the CPU switch, I was referring to this: https://openwrt.org/toh/views/toh_fwdownload?dataflt[0]=supported+current+rel_%3D18.06.4&dataflt[Brand*~]=turris
I certainly expressed myself badly.
Hope you don’t misunderstand my words. I appreciate your work so much. W Turris!

Are you sure that it does not work? No Omnia passes factory tests without this automatic switch being tested. I think that it worked but problem you have is with unsupported SFP module. (Note that link is not modified, uboot just loads different devicetree).
We can’t be blamed for unsupported SFP module the same way as we can’t be blamed for unsupported usb device or PCIE device unless it was shipped with device. And your argument that because of upstream doing support it is just an fortunate then the USB is also just a fortunate feature because driver is not written by us. Makes sense I hope.

Please note that link you posted is fo OpenWrt and is about year or more older than current version of Turris OS. Also some hacks we can do are not accepted to OpenWrt so not available to you there.

Come on I understand your flustration but there are a lot more pluses over minuses.

2 Likes

I love Turris :heart_eyes: It remains the only serious project in the field of home networks and beyond.

In Turris OS 4.0 and newer (Turris OS 5.x based on OpenWrt 19.07, Turris OS 6.x daily snapshots), we are based on top of OpenWrt releases with patches and our feed. Some of Turris features were rewritten from scratch and/or we are still working on them as we are now much closer to the OpenWrt. In Turris OS 3.x series, we were using uCollect, which we developed for Data collection and it was initially designed for Turris 1.x routers, but we want to provide more performance, stability, and maintainability we decided to replace it with a new data collection - Sentinel. We are going to have a talk about that in IT conference 19.
In the Updater tab, you can find a data collection package list, which contains a dynamic firewall, which is not dependent on registration and you will receive firewall updates. We have an issue in Gitlab, where you can find what’s need to be done.

In Updater tab in Package lists, there’s SSH honeypot list.

But it requires manual intervention to get it working and we will mention it in our new documentation. Before, there’s going be an article, you can take a look here what needs to be done.

Project Turris page is just for Turris OS 3.x releases (Turris 1.x, Turris Omnia).

For now, there isn’t a dedicated Data collection tab in Foris on Turris OS 4.x. We are working on it.

1 Like

I followed the procedure to activate the dynamic firewall and honeypot. Once I insert the token in the /etc/config/haas file, do I need to restart the router / service, or does it automatically read the updated configuration file?
EDIT: I have rebooted the router and after 48 hours there is not movements on Haas webpage yet.

  1. Here: https://docs.turris.cz/basics/collect/
    / You can find guide how to make HaaS working on Turris 4.x
    / Do not put the token as string (into quotation mark) as shown there

  2. Accept any host to wan for port 22. It is disabled by default in FW rules.
    / in Luci: Network-Firewall-Traffic Rules (tab)-wan_ssh_turris_rule

  3. Test it on your own but not from your network. Use a phone (not connected to Wi-Fi) then download a terminal and SSH to your router. You should see the attempt on https://haas.nic.cz/ where you created a token for your device.

I hope it helps.

1 Like

Hello

i get a email from my isp that my honeypot works on a wrong port how can i change the port ?