Frequently Asked Questions
Search, Scroll or Ask Your Own Below
Yes, just enter them on the “manage alerts” page.
Many MSPs run scans on client networks and don’t want alerts to be sent for these routine scans.
To WhiteList an IP, first go to your StingBox Dashboard and click on Add/Manage StingBox section.
Next, look for the “WhiteList IP Manager” link on the bottom of the StingBox you want to stop sending alerts when hit by a particular IP.
Next, Add the IP and Name the Machine for easier identification.
StingBox was designed to be a low cost solution to a tough problem, detecting if someone is snooping on your network. We are able to maintain low costs because of our Software as a Service model and our low cost hardware design.
No, similar to a building alarm system which does not stop burglars but only detects and deters them, StingBox does not stop hackers, it only detects and deters them.
Your StingBox will appear as connected on your dashboard.
Click “account settings” and then complete the password reset form to reset your password.
Plug your StingBox into the power outlet and any open port on your network. Create an account and enter the code printed on your StingBox. That’s it! More help is available at https://www.stingbox.com/setup/
Open up any web browser on your local network and enter ftp://YOURSTINGBOXIP into the url bar. Example (ftp://192.168.1.29). You can find your STINGBOXIP on your dashboard. This will generate an alert for an attempted FTP scan attempt.
Stingbox sends a small packet of to each host on the network to determine if it is up and running.
Every 10 minutes.
Every 5 minutes.
Go to your Discovered Hosts page from your StingBox dashboard to learn more about hosts on your network (i.e. Hostname, manufacturer or a custom name you’ve given the host in the past)
If you recently connected a device to your network yourself (or someone on your network did – nothing to worry about as it was an expected new device connection. If you can’t figure out what the new device is on your network or why it was installed (i.e. someone you don’t know is using your wifi connection), you may want to block the device on your router.
No, StingBox is an intrusion detection alarm, not a 100% guarantee you have not been hacked. If an attacker stays on a single host on your network it is likely that stingbox will not detect the attacker (however, we may have detected the attacker when they were trying to compromise that first host). We suggest having EndPoint security for the devices on your network in addition to the StingBox.
Yes, we offer a full API and custom alerting which many of our partners have integrated with SIEM products. Let us know if this helps or you’d like to talk more about other integration approaches.
No, but we have tested an inexpensive adapter that we can recommend.
POE Texas’ Adapter can be purchased directly at POETexas.com or from Amazon.
(Update) One of two of these POE adapters that we have been testing failed after 9 months.
Full disclosure: The failed while powering an alternative StingBox platform. The platform still works and the POE doesn’t.
But this isn’t a sufficient data set to say for certain that the power supply was the cause of its failure. There are several other manufacturers on Amazon.
Yes, the StingBox is hardened against attacks and does not cause excessive network traffic.
Yes, in addition to the standard office network physical StingBox, we also offer a virtual version for installation on the cloud or an existing machine. We do have a few warnings. We’ve designed our physical StingBox to be the most secure device on any network. The operating system circuit board we use has been stripped to the bare essentials to reduce the chance of any future zero day hack of things like video drivers or unnecessary components. StingBox undergoes regular penetration testing and checks for updates nightly. If you plan to load StingBox on an old server, or if you don’t know how to secure a virtual machine, or if you simply get careless passwords you may put your network at risk. If you are installing on a physical office network, we urge you to install our standard physical StingBox. And if you are installing on a virtual network using StingBox Virtual, we urge you to use a reputable cloud provider, use strong passwords and follow your providers guidance on security. If you still plan to install StingBox Virtual on your own machine, we urge you to use a new machine with a minimal operating system and maintain security updates. More information on StingBox Virtual can be found here
You can change the alert settings from your dashboard. There are three categories of alert. Critical, Important and Informational. Each can be set with it’s own unique instructions for how and where to send alerts. You can also always disable any alert methods from your dashboard.
We are using a version of the PI Architecture with 512mb of RAM running an ARM linux operating system. This will allow us to continue to add features for many years to come.
StingBox collects and stores
- Attack sessions from attackers (what they typed, how they interacted with the honeypot)
- IP address of your external network interface
- Open ports on your external network interface
- Names and MAC addresses of devices on your network which StingBox discovers with a network scan
This information is sent over an encrypted channel back to Sting-Box.com so you can review this information on your dashboard.
StingBox scans the local network it is connected to. For example, if it receives an address of 10.1.10.31 from the network’s DHCP Server, it will scan the 10.1.10.31/24 network.
If you’ve received a scan alert on your StingBox, it is likely that one of the machines on your network is compromised. First, identify the computer on your network and then take steps to remove malware from the machine and determine if you need to get a computer forensics company to help investigate if there was data stolen. If this is too daunting for you, we suggest reaching out to an IT solutions provider who can help you secure your network.
Ideal locations include – directly to a port on your router, into a network switch or into an open jack which plugs into your router.
- You may have deleted your alert methods
- Your sting box may have not have anything to alert. Check recent alerts for your StingBox and see if any have been sent.
The most likely cause of this is that your StingBox does not have internet access – please confirm you can access the internet from your wired network. Alternatively, the StingBox itself may have had an issue, please unplug the power and and plug back in the StingBox and wait 10 minutes to determine if it is back online on your dashboard. Still having problems? Email us help@StingBox.com
- StingBox scans your network every 5 minutes, please make sure you have waited 5 minutes for the StingBox to scan your network.
- Your network may be in different segments and the StingBox is only able to scan the segment upon which it connected.