Back Arrow Back to All Integrations

Honeypot – FTP Auth Test

Honeypot – FTP Auth Test

Honeypot SIEM Detection Test

Detecting when a Honypot is accessed is important to detect lateral movement across your environment. We recommend that SIEMs should be tested for honeypot detection to ensure the detection of lateral movement which could originate from both employees and external bad actors.


Sign Up For Your Free Account Today

Get your free account with Blumira and secure your Microsoft 365 environment in minutes. No credit card required.


Free Trial

How to Test Your Honeypot for Lateral Movement via FTP Auth


  • Blumira Sensor is deployed
  • Honeypot Module is configured

FTP Test

  1. Open a CMD Prompt as an Administrator that can communicate with the sensor over port 21
  2. Type the following:
    • FTP
    • open<ip_address of the sensor>
    • Add in username & password
  1. Within minutes, a finding (alert) will populate in the responder dashboard in Blumira