fbpx

FAQ

Frequently Asked Questions
Search, Scroll or Ask Your Own Below

Generic selectors
Exact matches only
Search in title
Search in content
faq

StingBox FAQ

Can I set up alerts on multiple email addresses, phone numbers?

Yes, just enter them on the “manage alerts” page.

Can I Whitelist an IP?

Yes,
Many MSPs run scans on client networks and don’t want alerts to be sent for these routine scans.

To WhiteList an IP, first go to your StingBox Dashboard and click on Add/Manage StingBox section.
Next, look for the “WhiteList IP Manager” link on the bottom of the StingBox you want to stop sending alerts when hit by a particular IP.
Next, Add the IP and Name the Machine for easier identification.

Can StingBox really be helping me with such a low cost?

StingBox was designed to be a low cost solution to a tough problem, detecting if someone is snooping on your network. We are able to maintain low costs because of our Software as a Service model and our low cost hardware design.

Does StingBox stop hackers?

No, similar to a building alarm system which does not stop burglars but only detects and deters them, StingBox does not stop hackers, it only detects and deters them.

How do I know if my StingBox is running?

Your StingBox will appear as connected on your dashboard.

How do I reset my password?

Click “account settings” and then complete the password reset form to reset your password.

How do I set up my StingBox?

Plug your StingBox into the power outlet and any open port on your network. Create an account and enter the code printed on your StingBox. That’s it! More help is available at https://www.stingbox.com/setup/

How do I test my StingBox to make sure it is working?

Open up any web browser on your local network and enter ftp://YOURSTINGBOXIP into the url bar. Example (ftp://192.168.1.29). You can find your STINGBOXIP on your dashboard. This will generate an alert for an attempted FTP scan attempt.

How does the StingBox discover hosts on my network?

Stingbox sends a small packet of to each host on the network to determine if it is up and running.

How often are alerts sent out?

Every 10 minutes.

How often does StingBox scan my network for new devices?

Every 5 minutes.

I’ve received an alert and want to know more about an IP address attacking my stingbox, what should I do?

Go to your Discovered Hosts page from your StingBox dashboard to learn more about hosts on your network (i.e. Hostname, manufacturer or a custom name you’ve given the host in the past)

I’ve got a new device alert, what should I do?

If you recently connected a device to your network yourself (or someone on your network did – nothing to worry about as it was an expected new device connection. If you can’t figure out what the new device is on your network or why it was installed (i.e. someone you don’t know is using your wifi connection), you may want to block the device on your router

If I have no alerts on my StingBox, am I guaranteed not to have been be hacked?

No, StingBox is an intrusion detection alarm, not a 100% guarantee you have not been hacked. If an attacker stays on a single host on your network it is likely that stingbox will not detect the attacker (however, we may have detected the attacker when they were trying to compromise that first host). We suggest having EndPoint security for the devices on your network in addition to the StingBox.

Is SIEM integration with StingBox an option?

Yes, we offer a full API and custom alerting which many of our partners have integrated with SIEM products. Let us know if this helps or you’d like to talk more about other integration approaches.

Here’s the link to our API documentation:
Is StingBox Powered over Ethernet (PoE)

No, but we have tested an inexpensive adapter that we can recommend.
POE Texas’ Adapter can be purchased directly at POETexas.com or from Amazon.
(Update) One of two of these POE adapters that we have been testing failed after 9 months.
Full disclosure: The failed while powering an alternative StingBox platform. The platform still works and the POE doesn’t.
But this isn’t a sufficient data set to say for certain that the power supply was the cause of its failure.  There are several other manufacturers on Amazon.

Is the StingBox safe to have on my network?

Yes, the StingBox is hardened against attacks and does not cause excessive network traffic. 

Is there a Virtual Cloud Version of StingBox?

Yes, in addition to the standard office network physical StingBox, we also offer a virtual version for installation on the cloud or an existing machine. We do have a few warnings. We’ve designed our physical StingBox to be the most secure device on any network. The operating system circuit board we use has been stripped to the bare essentials to reduce the chance of any future zero day hack of things like video drivers or unnecessary components. StingBox undergoes regular penetration testing and checks for updates nightly. If you plan to load StingBox on an old server, or if you don’t know how to secure a virtual machine, or if you simply get careless passwords you may put your network at risk. If you are installing on a physical office network, we urge you to install our standard physical StingBox. And if you are installing on a virtual network using StingBox Virtual, we urge you to use a reputable cloud provider, use strong passwords and follow your providers guidance on security. If you still plan to install StingBox Virtual on your own machine, we urge you to use a new machine with a minimal operating system and maintain security updates. More information on StingBox Virtual can be found here

My StingBox is alerting me too often, how do I stop it?

You can change the alert settings from your dashboard. There are three categories of alert. Critical, Important and Informational. Each can be set with it’s own unique instructions for how and where to send alerts. You can also always disable any alert methods from your dashboard.  

The lights on my StingBox are on and blinking but it does not appear as connected on the dashboard, how can I fix it?

If the lights on your StingBox are on and Blinking, it means your StingBox is on and connected to your network. If this is the case but the StingBox dashboard does not show the device as connected, a few things may have happened.

  1. The device has not yet checked-in, or is in the process of an update. Please make sure you have waited 15 minutes after connecting your device for the first time.
  2. You are behind a web gateway or proxy which is blocking the StingBox server. Please make sure you are able to access the StingBox Login Page from the the Network your StingBox is connected to. If you go to this link and see web filtering (from a firewall or web filtering device) please reach out to your gateway administrator and ask them to whitelist Sting-Box.com and stingbox.twocyber.com.
What hardware is running on the StingBox?

We are using a version of the PI Architecture with 512mb of RAM running an ARM linux operating system. This will allow us to continue to add features for many years to come.

What information does StingBox collect?

StingBox collects and stores

  • Attack sessions from attackers (what they typed, how they interacted with the honeypot)
  • IP address of your external network interface
  • Open ports on your external network interface
  • Names and MAC addresses of devices on your network which StingBox discovers with a network scan

This information is sent over an encrypted channel back to Sting-Box.com so you can review this information on your dashboard.

What network does the StingBox scan to discover hosts?

StingBox scans the local network it is connected to. For example, if it receives an address of 10.1.10.31 from the network’s DHCP Server, it will scan the 10.1.10.31/24 network.

What should I do if I get a scan alert from my StingBox?

If you’ve received a scan alert on your StingBox, it is likely that one of the machines on your network is compromised. First, identify the computer on your network and then take steps to remove malware from the machine and determine if you need to get a computer forensics company to help investigate if there was data stolen. If this is too daunting for you, we suggest reaching out to an IT solutions provider who can help you secure your network. 

Where should I plug the StingBox into my network?

Ideal locations include – directly to a port on your router, into a network switch or into an open jack which plugs into your router.

Why am I not getting any alerts?
  • You may have deleted your alert methods
  • Your sting box may have not have anything to alert. Check recent alerts for your StingBox and see if any have been sent.
Why isn’t my StingBox connecting and working?

The most likely cause of this is that your StingBox does not have internet access – please confirm you can access the internet from your wired network. Alternatively, the StingBox itself may have had an issue, please unplug the power and and plug back in the StingBox and wait 10 minutes to determine if it is back online on your dashboard. Still having problems? Email us help@StingBox.com

Why isn’t the StingBox detecting some of the devices/hosts on my network?
  • StingBox scans your network every 5 minutes, please make sure you have waited 5 minutes for the StingBox to scan your network.
  • Your network may be in different segments and the StingBox is only able to scan the segment upon which it connected. 

Have other questions?

Just ask and we'll answer