Walter.Net.HoneyPot 2025.9.1452

Prefix Reserved
.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. .NET Standard 2.0 This package targets .NET Standard 2.0. The package is compatible with this framework or higher. 
dotnet add package Walter.Net.HoneyPot --version 2025.9.1452
                    


                    

                
NuGet\Install-Package Walter.Net.HoneyPot -Version 2025.9.1452
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Walter.Net.HoneyPot" Version="2025.9.1452" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Walter.Net.HoneyPot" Version="2025.9.1452" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Walter.Net.HoneyPot" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Walter.Net.HoneyPot --version 2025.9.1452
                    


                    

                
#r "nuget: Walter.Net.HoneyPot, 2025.9.1452"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Walter.Net.HoneyPot@2025.9.1452
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Walter.Net.HoneyPot&version=2025.9.1452
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Walter.Net.HoneyPot&version=2025.9.1452
                    


                            Install as a Cake Tool

About the Honey-Pot detector

The honey pot detector allows to detect and interact with applications that are attempting to communicate with your server via a particular port. Understanding who is maliciously trying to exploit the system helps identify bad actors and will allow you to tune the system alerting an attempt by a system classified as being a bad actor and will allow the framework to block any requests and or return a payload.

Integrating the honey-pot detector in your application

Integrating the honey-pot listener takes 3 steps.

step 1:

Foreword ports in your edge switch to ports monitored by the honey-pot configuration. A recommendation is to map the ports to a free port not used by the server. An example map port 22 to port 60022 and configure the honey-port to watch any communication on port 4000

step 2

Configure the firewall to allow communication on port 4000.

step 3

Configure the application to subscribe to the port detections. To do this in the firewall you should use a configuration similar to this:

services.AddFireWall()
        .UsePortScannerProtection(connectionString: DatabaseConnections.FireWallState, options =>
               {

                   /* map the service ports to a local port on your computer
                   *  Redirect the requests to your computer and open the firewall 
                   *  for the redirected ports */

                   options.SSH = 4000; // map port 22 to port 4000 on your router 
                   options.TSQL = 4001; // map port 1433 to port 4001 on your router 
                   options.Telnet = 4002; // map port 23 to port 4002 on your router 
                   options.MYSQL = 4005; // map port 3306 to port 4005 on your router
                   options.DNS = 4006; // map port 53 to port 4005 on your router
                   options.Telnet 4007; //map port 23 to port 4007 on your router;

                   /*you can manually map port aliases in the range from 0 till 65535*/
                   options.AddOrUpdate(externalPort: 587, internalPort: 4007, name: "ESMTP Extended Simple Mail Transfer Protocol");
                   options.AddOrUpdate(externalPort: 647, internalPort: 4008, name: "DHCP Fail-over");

                   /*Record up-to 8,000 character when someone is trying to attack the service for legal reporting*/
                   options.MaximumDataSizeToAccept = 254;

                   /*Look between every 100ms and 30000ms if someone is trying to gain access to the system */
                   options.PoolFrequency = 100;

                   /* Add a default reply to any connection, you can send an auto-reply 
                    * You can use the template values:
                    * {IP}  - the attackers IP address
                    * {Port}- the port being attacked
                    * {Name}- the name of the alias being used
                    * {ISP} - the name of the Internet service provider that the attacker is using will be injected
                    * {Country} - the country name will be injected
                    * to personalize the message or leave it blank to record silently*/
                   options.DefaultReply = "This service is being monitored and we have detected your intentions attack {Name}" +
                                          " via {IP}:{Port} to gain unlawful access to the system, please note that any unlawful" +
                                          " activity will be reported to {ISP} as well as the relevant authorities in {Country}";

               })

The above code assumes that you are using the FireWall from NuGet package Walter.Web.FireWall. If you are using any of the services that you are monitoring then map the default ports to custom ports on your router there are 2 steps for this:

  1. Map the custom port on the router, an example map 222 to port 22
  2. Use port 222 to connect using SSH

Configuration via json

You can configure the honey-pot service to enable ports and protocols via json file and there is no need to hard-code this using the action ad compile time

binding though configuration

A sample of how to integrate and bind the options using configuration by binding using IConfiguration section, in this sample the section is named HoneyPot and is consumed like so:

public static T ConfigureDI<T>(this T service, IConfiguration configuration)  where T : IServiceCollection
{

    // your other configurations
    service.AddSingleton<IConfiguration>(configuration);

    service.UsePortScannerProtection( connectionString: configuration.GetConnectionString("PortScanner")! //-> connection string to log in database tables will be generated as needed but the connections needs DDL rights
                                , configurationSection: configuration.GetRequiredSection("HoneyPot"));  //-> configure honey pot ports
    
    return service;
}

sample Applicationsetting.json fragment

To allow the binding to work you can use the bellow sample json setting:

"HoneyPot": {
  "DefaultReply": null,
  "BlockThePort": true,
  "EnableLogging": true,
  "IgnoreAfterDetection": "DoNotIgnore",
  "LogDataForAudit": true,
  "MaximumDataSizeToAccept": 512,
  "PoolFrequency": 1000,
  "RemoteHoneyPotClientName": "Remove-To-Use-Machine-Name",
  "RemoteHoneyPotClientPort": 1200,
  "TracertAttackers": true,
  "Caching": {
    "SlidingExpiration": "00:20:00",
    "Priority": "Normal"
  },
  "ConnectionDetails": {
     "DataRetention": "30.00:00:00" // 30 days in TimeSpan format
  },
  "DNS": 4053,
  "Echo": 4007,
  "Finger": 4079,
  "FTP": 4020,
  "ICP": 4029,
  "IMAP": 4143,
  "IPsec": 4050,
  "LDAP": 4389,
  "MYSQL": 4306,
  "NetBIOS_CIFS": 4137,
  "NetBIOS_PNS": 4136,
  "NetBIOS_RPC": 4135,
  "NetBIOS_SMB": 4139,
  "NNTP": 4119,
  "OpenEdge": 42031,
  "Oracle": 41521,
  "POP3": 4110,
  "RemoteDesktop": 4389,
  "SecureFTP": 4989,
  "SecureIMAP": 4993,
  "SMTP": 4025,
  "SNMP": 4161,
  "SSH": 4022,
  "Sybase": 42638,
  "Telnet": 4023,
  "Tomcat": 4843,
  "TSQL": 4433,
  "WindowsAdministrationCenter": 46516

},
IgnoreAfterDetection property

The Default is IPAddressAndPort, this will ignore the IPAddress and port as the detector assumes you block any future requests from the IP address. The values assignable to IgnoreAfterDetection are:

    /// <summary>
    /// The scope of how to ignore future request after having been detected
    /// </summary>
    /// <remarks>The Default is to ignore the IPAddress and port as the detector assumes you block any future requests from the IP address </remarks>
    public enum IgnoreScope
    {
        /// <summary>
        /// Ignore the IP address and port on future requests
        /// </summary>
        IPAddressAndPort = 0,
        /// <summary>
        /// Ignore the IP Address but any other requests from the IP address with a different port trigger a response
        /// </summary>
        IPAddress = 1,
        /// <summary>
        /// Do not ignore any future requests and trigger a honey-pot response
        /// </summary>
        DoNotIgnore = 2,

    }

Please note that a lot of attackers are looking for victims using port scanners to target venerable IP addresses before attacking a system. You can have a look here and see how these attacks are being executed.

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-maccatalyst18.0 is compatible.  net8.0-macos was computed.  net8.0-macos15.0 is compatible.  net8.0-tvos was computed.  net8.0-windows was computed.  net8.0-windows7.0 is compatible.  net9.0 is compatible.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-maccatalyst18.0 is compatible.  net9.0-macos was computed.  net9.0-macos15.0 is compatible.  net9.0-tvos was computed.  net9.0-windows was computed.  net9.0-windows7.0 is compatible.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 is compatible. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on Walter.Net.HoneyPot:

Package Downloads
Walter.Web.FireWall

Enhance .NET applications with a robust firewall, designed as middleware and IActionFilter, protecting against CVE attacks, web scraping, and phishing. Configurable via annotations and a rule engine services.AddFireWall(FireWallTrial.License, FireWallTrial.DomainKey , domainName: new Uri("https://www.your-domain.com", UriKind.Absolute) , options => { //your options }); Have a look at the GitHub samples at https://github.com/ASP-WAF/FireWall and https://github.com/ASP-WAF/FireWall/wiki to see how to use the firewall in applications. You can view the firewall in action using https://www.asp-waf.com/Firewall You can get started with the firewall using the samples shown in https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf as well as the on line documentation at https://firewallapi.asp-waf.com/

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
2025.9.1452 301 9/28/2025
2025.8.13.1223 334 8/13/2025
2025.7.30.1003 203 7/30/2025
2025.7.10.1347 312 7/10/2025
2025.6.30.1407 358 7/1/2025
2025.6.12.1057 478 6/12/2025
2025.4.17.1816 379 4/17/2025
2025.3.13.1323 356 3/13/2025
2025.2.26.1642 314 2/26/2025
2025.2.25.1033 327 2/26/2025
2025.2.24.1556 300 2/25/2025
2025.2.16.1149 365 2/19/2025
2025.2.15.1316 310 2/15/2025
2025.1.16.1410 281 1/16/2025
2025.1.4.1941 326 1/4/2025
2025.1.3.1457 179 1/4/2025
2025.1.2.1544 301 1/3/2025
2024.12.14.838 336 12/14/2024
2024.12.13.1227 316 12/13/2024
2024.12.9.1107 280 12/13/2024
2024.11.28.1632 292 11/28/2024
2024.11.20.644 414 11/21/2024
2024.11.15.421 399 11/15/2024
2024.11.11.1334 303 11/14/2024
2024.11.6.1222 411 11/6/2024
2024.10.28.1605 439 10/28/2024
2024.10.28.1335 387 10/28/2024
2024.10.19.1525 400 10/20/2024
2024.10.18.1315 404 10/18/2024
2024.9.27.1406 379 9/27/2024
2024.9.17.1417 457 9/17/2024
2024.9.12.1923 483 9/12/2024
2024.9.6.1352 477 9/7/2024
2024.9.1.1159 463 9/1/2024
2024.8.26.1150 486 8/26/2024
2024.8.19.1411 466 8/19/2024
2024.8.17.1000 503 8/17/2024
2024.8.12.1622 473 8/13/2024
2024.8.5.1010 461 8/5/2024
2024.8.1.1545 562 8/16/2024
2024.7.28.629 333 7/28/2024
2024.7.26.1512 325 7/26/2024
2024.7.26.828 336 7/26/2024
2024.7.11.1604 439 7/11/2024
2024.7.9.1520 452 7/9/2024
2024.7.4.1425 455 7/4/2024
2024.7.3.1249 469 7/3/2024
2024.7.2.1536 492 7/2/2024
2024.6.28.953 455 6/28/2024
2024.6.6.1320 177 6/8/2024
2024.5.15.1634 175 5/15/2024
2023.11.13.1117 1,804 11/13/2023
2023.10.26.1502 1,718 10/29/2023
2023.10.12.1926 1,873 10/12/2023
2023.9.14.812 1,997 9/14/2023
2023.9.7.1748 2,021 9/7/2023
2023.9.7.1241 1,967 9/7/2023
2023.9.6.1001 1,977 9/6/2023
2023.9.5.1246 1,974 9/5/2023
2023.9.5.1032 1,984 9/5/2023
2023.8.31.1522 2,042 8/31/2023
2023.8.29.1040 2,058 8/29/2023
2023.8.17.901 2,113 8/17/2023
2023.8.9.1314 2,245 8/9/2023
2023.8.2.750 2,314 8/2/2023
2023.7.12.830 2,276 7/12/2023
2023.7.5.1419 2,352 7/6/2023
2023.6.14.1628 2,407 6/14/2023
2023.6.11.1304 2,533 6/11/2023
2023.5.30.1640 2,466 5/30/2023
2023.5.4.1552 2,549 5/4/2023
2023.5.1.1524 2,502 5/1/2023
2023.4.29.910 2,723 4/29/2023
2023.4.12.1236 2,730 4/12/2023
2023.3.22.1456 2,839 3/22/2023
2023.3.14.1356 3,001 3/14/2023
2023.3.1.810 3,015 3/1/2023
2023.2.25.11857 3,028 2/25/2023
2023.2.22.27 3,023 2/22/2023
2023.2.15.1413 3,062 2/15/2023
2023.2.11.1628 3,149 2/11/2023
2023.1.11.534 3,276 1/11/2023
2022.12.30.711 3,352 12/30/2022
2022.12.16.1536 1,069 12/16/2022
2022.12.15.1241 1,028 12/16/2022
2022.12.15.1108 3,317 12/15/2022
2022.12.14.648 3,439 12/14/2022
2022.11.27.1059 3,463 11/27/2022
2022.11.21.338 3,509 11/21/2022
2022.11.14.1819 3,597 11/14/2022
2022.11.13.917 3,577 11/13/2022
2022.11.7.1632 1,127 11/13/2022
2022.10.31.740 6,305 11/1/2022
2022.10.15.652 6,938 10/15/2022
2022.10.1.810 7,190 10/1/2022
2022.9.26.1444 7,274 9/26/2022
2022.9.14.1508 7,334 9/14/2022
2022.9.14.809 7,386 9/14/2022
2022.9.8.1009 7,540 9/8/2022
2022.8.20.1007 7,402 8/20/2022
2022.8.1.1 7,555 7/31/2022
2022.7.1300 7,783 7/1/2022
2022.7.31.1016 7,655 7/31/2022
2022.7.15.841 7,640 7/15/2022
2022.6.21.647 7,627 6/21/2022
2022.5.18.638 7,627 5/19/2022
2022.5.16.853 7,839 5/19/2022
2022.5.16.816 7,757 5/16/2022
2022.5.4.1010 7,711 5/4/2022
2022.4.10.947 8,224 4/10/2022
2022.4.10.925 8,199 4/10/2022
2022.4.10.828 8,139 4/10/2022
2022.4.1.1545 8,339 4/1/2022
2022.3.31.823 7,172 3/31/2022
2022.3.26.1103 8,406 3/26/2022
2022.3.26.820 7,994 3/26/2022
2022.3.25.840 7,401 3/26/2022
2022.3.24.1701 1,364 3/25/2022
2022.2.16.1131 8,558 2/17/2022
2022.2.16.834 8,363 2/17/2022
2022.2.15.824 2,315 2/17/2022
2022.2.11.1452 2,455 2/17/2022
2022.2.11.931 2,268 2/17/2022
2022.2.5.1114 8,655 2/5/2022
2022.1.17.1158 8,397 1/17/2022
2022.1.10.1505 8,824 1/10/2022
2022.1.10.537 8,783 1/10/2022
2022.1.5.1139 8,213 1/8/2022
2021.12.28.1452 9,259 12/28/2021
2021.12.16.812 8,970 12/16/2021
2021.11.23.1528 15,189 11/24/2021
2021.11.21.925 15,264 11/22/2021
2021.11.19.1503 1,153 11/22/2021
2021.11.19.847 10,033 11/19/2021
2021.11.18.1824 9,429 11/16/2021
2021.11.10.852 10,354 11/10/2021
2021.11.9.2021 9,850 11/9/2021
2021.11.8.2109 7,507 11/9/2021
2021.11.8.1612 8,024 11/8/2021
2021.11.7.1021 8,066 11/8/2021
2021.11.3.1612 8,452 11/4/2021
2021.11.1.1102 6,952 11/1/2021
2021.10.25.1206 8,577 10/25/2021
2021.10.23.1310 8,251 10/25/2021
2021.10.19.1522 8,348 10/19/2021
2021.10.16.1325 8,256 10/18/2021
2021.10.9.1119 425 10/9/2024
2021.10.6.1546 8,263 10/6/2021
2021.10.5.1450 8,432 10/5/2021
2021.10.4.1155 8,437 10/5/2021
2021.10.4.807 1,213 10/5/2021
2021.10.1.753 8,515 10/1/2021
2021.9.27.1005 7,855 9/28/2021
2021.9.26.1913 8,549 9/26/2021
2021.9.19.1015 8,218 9/19/2021
2021.9.17.1702 5,000 9/17/2021
2021.9.17.1449 11,222 9/17/2021
2021.9.13.1600 6,445 9/13/2021
2021.9.12.1100 4,759 9/13/2021
2021.9.11.2004 7,778 9/11/2021
2021.9.9.1110 8,315 9/9/2021
2021.9.7.1901 8,386 9/8/2021
2021.9.7.1121 8,545 9/7/2021
2021.9.7.927 1,215 9/7/2021
2021.9.6.1518 7,966 9/7/2021
2021.9.4.1124 8,366 9/4/2021
2021.9.2.708 8,112 9/4/2021
2021.9.0.1259 8,039 9/2/2021
2021.8.2200 7,524 8/23/2021
2021.8.2100 8,312 8/23/2021
2021.8.22.900 8,543 8/22/2021
2021.8.18.1500 8,393 8/18/2021
2021.8.18.930 8,345 8/18/2021
2021.8.14.1600 8,388 8/16/2021
2021.8.14.829 4,158 8/14/2021
2021.8.9.1105 8,408 8/9/2021
2021.8.8.1612 8,110 8/8/2021
2021.8.8.1138 7,268 8/8/2021
2021.8.6.1044 8,089 8/6/2021
2021.8.4.1355 8,688 8/5/2021
2021.7.30.2118 8,619 7/31/2021
2021.7.27.926 8,535 7/28/2021
2021.7.23.931 8,760 7/26/2021
2021.7.22.1456 8,300 7/23/2021
2021.7.15.1547 8,380 7/15/2021
2021.7.13.812 8,232 7/13/2021
2021.7.8.1527 8,514 7/10/2021
2021.7.5.1649 7,553 7/5/2021
2021.6.29.1453 8,681 6/30/2021
2021.6.26.1753 9,051 6/27/2021
2021.6.25.1849 8,529 6/25/2021
2021.6.24.1518 8,576 6/24/2021
2021.6.20.729 16,237 6/20/2021
2021.6.14.2025 8,695 6/15/2021
2021.6.13.2035 9,019 6/14/2021
2021.6.12.1154 8,413 6/13/2021
2021.6.9.1120 8,802 6/9/2021
2021.6.7.2103 1,223 6/7/2021
2021.6.3.1509 8,341 6/3/2021
2021.5.31.1533 8,567 5/31/2021
2021.5.31.1415 8,619 5/31/2021
2021.5.25.1732 7,562 5/25/2021
2021.5.24.1128 8,322 5/24/2021
2021.5.24.1019 8,131 5/24/2021
2021.5.12.1054 8,162 5/12/2021
2021.5.12.637 6,503 5/12/2021
2021.5.10.1442 7,586 5/11/2021
2021.5.8.1226 8,112 5/8/2021

Major releases that add functionality other than optimization and minor bug fixing
28 September 2025
- Update to .net 9.09

15 November 2024
- Remove support for deprecated framework (6,7) due to the CVE warnings in Microsoft Nuget
packages and no migration options
- Add support for .Net 9


28 July 2024
- Fix bug in Options binding
- Update documentation in readme.md

7 July 2024
- Updated Nuget package dependencies

17 November 2023
- Integrate .Net 8