Arduino Intrusion Detection / Honeypot
I decided to make a small intrusion detection system for my network. It works like this:
- When powered up it displays it’s address (can be obtained via DHCP or set statically in the code)
- After 20 seconds it blanks the display and listens for incomming traffic to the device.
- If it receives an ICMP, a UDP or a TCP SYN packet it shows up on the display.
When I get some buzzers in a few weeks, I will add that as an audible alarm.
Nothing in my network should be scanning or connecting to this IP. If this display shows something, it means I have intruders poking around in my network.
Components used
- 128×64 Blue OLED display here at AliExpress
- ENC28J60 Ethernet module here at AliExpress
- Arduino Pro Mini 3.3v 8mhz here at AliExpress
- LM1117 3.3 volt voltage regulator here at AliExpress
- 2x10K resistors
- 22uF capacitor
The veroboard layout:
Software
All the program can be found at github here.