BAIT SYSTEM — GUARD Infrastructure

SYS.INIT

001

PROTOCOL — 001

BAIT
SYSTEM

Deception-Based Intrusion Detection
& Attacker Analysis Platform

0

VECTORS

0

PORTS

0

ALERTS

NET.MAP

002

NETWORK ARCHITECTURE

Deception Topology

HACKER

CLIENT

FIREWALL

MAIN SERVER

FAKE SERVER

LOG DB

PANEL

ALERTS

5

SERVICES

128

ATTACKS

12

ALERTS

47

COUNTRIES

ATK.FLOW

003

ATTACK LIFECYCLE

How The Trap Works

1

Attacker Enters

SSH, HTTP, or FTP access attempt

2

Redirected to Bait

Traffic routed to GUARD sandbox

3

Interaction Captured

Commands, logins, files all logged

4

JSON Logged

IP, country, timestamp, type stored

5

Alert Dispatched

Telegram notification with details

6

System Protected

Real assets behind actual firewall

Lure & Isolate

Safe sandbox environment

Record Everything

Commands, files & credentials

Real-time Detection

Instant intrusion alerts

Admin Alerts

Telegram API notifications

SSH.TRAP

004

SSH GUARD

handle_ssh(client, addr)

PORT 2222 — LISTENING

PYTHON // HANDLE_SSH

def handle_ssh(client, addr): ip = addr[0] country = get_ip_info(ip) client.send(b"SSH-2.0-OpenSSH_8.2\r\n") try: data = client.recv(1024).decode() log_entry = { "time": str(datetime.now()), "ip": ip, "country": country, "type": "SSH Attack", "data": data } save_log(log_entry) send_alert(f"🚨 SSH\nIP:{ip}") except: pass client.close()

TERMINAL SIMULATION

SSH SESSION

WEB.TRAP

005

WEB VECTOR — /login

Credential Trap & Geolocation

CAPTURED PAYLOAD

COUNTRY

—

CITY

—

IP

—

ISP

—

GEO TRACE — AWAITING DATA

LOADING MAP...

SRC.CODE

006

FULL SOURCE

main.py — Execution Flow

IMPORTS & CONFIG

import socket, threading, datetime import requests, json from flask import Flask, request, jsonify LOG_FILE = "logs.json" TELEGRAM_TOKEN = "YOUR_BOT_TOKEN" CHAT_ID = "YOUR_CHAT_ID" def save_log(entry): data = json.load(open(LOG_FILE)) data.append(entry) json.dump(data,open(LOG_FILE,"w"),indent=2) def get_ip_info(ip): res = requests.get( f"http://ip-api.com/json/{ip}" ).json() return res.get("country")

MAIN ENTRY

if __name__ == "__main__": threading.Thread( target=start_ssh, daemon=True ).start() print("🔥 System Running") app.run(host="0.0.0.0", port=5000) def start_ssh(): server = socket.socket() server.bind(("0.0.0.0", 2222)) server.listen(5) while True: client, addr = server.accept() threading.Thread( target=handle_ssh, args=(client, addr) ).start()

SYS.ALERT

007

Bait System Alert

🚨 CRITICAL SYSTEM ALERT

Type: SSH Brute Force Attack
Target: GUARD-Alpha Core
Attacker IP: —
Location: —

Automatic mitigation protocol engaged. Attacker trapped in sandbox.

Awaiting attack...

DASH.LIVE

008

LIVE TELEMETRY

/stats — /logs — /dashboard

0

TOTAL ATTACKS

0

SSH

0

LOGIN

7-DAY DISTRIBUTION

SSH

LOGIN

SCAN

LIVE LOG