Add VBR-Decoy to T-Pot

[n00rm]

Is your feature request related to a problem? Please describe.
I stumbled across VBR-Decoy and would like to see it integrated to T-Pot
VBR-Decoy is a simple server to act as a Veeam "honeypot" providing alerting for network scans for Veeam services.
With this project, T-Pot could be extended to alert on Veeam Backup scanning/attacking.

Describe the solution you'd like
A native integration of this project would be awesome. It seems that it doesn't use Docker/Container and the deployment is currently only as OVA (VM) available.

Describe alternatives you've considered
none

Additional context
Project: https://github.com/VeeamHub/veeam-decoy
Documentation: https://dl.24xsiempre.com/Decoy_Manual_EN.pdf

[t3chn0m4g3]

Thanks for spotting this!

I just reviewed the codebase for feasibility and the number of port collisions we'd have with other honeypots is extremely high, logging is currently implemented with Syslog (we require JSON) and the hardware requirements (even when assuming 1GB of RAM will be working fine) are quite high for a single purpose honeypot.

Even if we integrated the solution into T-Pot, it would mostly have to run isolated anyway (for the reasons mentioned above) which would render an integration mostly redundant.

Based on the purpose the project is aiming for, a distributed installation of Veeam-Decoy for environments invested in Veeam, will probably make the best sense.

Thanks again for taking the time to open the issue and all the best!