In this video, John Strand goes through the setup and use of Portspoof. Portspoof is a great little cyber deception tool that can be used as a honeypot or as a way to frustrate attackers. You can configure Portspoof to listen on any TCP port of your choosing and even return service banner upon connection. The result is that port and vulnerability scanning tools will produce inaccurate results for any would-be attackers probing your environment.
Interested in threat hunting tools? Check out AC-Hunter
Active Countermeasures is passionate about providing quality, educational content for the Infosec and Threat Hunting community. We appreciate your feedback so we can keep providing the type of content the community wants to see. Please feel free to Email Us with your ideas!
John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is a coveted speaker and much loved SANS teacher. John is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks.