OpenCanary is a configurable open-source honeypot solution provided by Thinkst. This wrapper script was originally created by simonxciv and modified by hawksj to expedite deployment of multiple devices in an enterprise environment. This script helps install and configure your OpenCanary appliance running Raspberry OS, including:
- Setting a static IP address if internet connection fails
- Setting the device's hostname
- Updating the OS
Configuring unattended upgrades for OS and application patches(removed to avoid bugs caused by bad patches, please uncomment to enable)- Installing dependencies (including screen)
- Installing and configuring the canary
- Creating a systemd unit file to launch OpenCanary as a service
- Raspberry OS. This script may work in other Ubuntu or Debian operating systems, but some paths are specific to Raspberry OS and may not function correctly on a different OS.
- Internet connection
For more detailed installation instructions for Simon's OpenCanary installer that forms the basis for this project, see his website.
- Copy or download the 'opencanary-installer.sh' to your home directory
- Modify the permissions of the file to allow execution using
sudo chmod +x opencanary-installer.sh - Run the installer using
sudo ./opencanary-installer.sh - If a static IP is configured within the installation script, the device will reboot and the script will need to be run again. See step 3.
- After the script automatically triggers a reboot, your device should be operating as a Canary
- Confirm the Canary service is running by entering
systemctl status opencanary. You should see a returned value that includesActive: active (running) - Check OpenCanary screen is running with
sudo screen -r - Ensure your configuration file at ~/opencanary.conf is valid
- Look for error messages at
/var/tmp/opencanary.log
Not all modules can currently be configured using this script, however I have tried to include the most common ones. Additional modules will currently need to be configured directly in the OpenCanary configuration file (found in home direction or under /root/.opencanary.conf