andrewmichaelsmith / honeypot-setup-script
Honeypot (Dionaea and kippo) setup script
Added ppa:honeynet/nightly successfully but this does not contain dionaea package anymore.
Found this wiki: http://www.aldeid.com/wiki/Dionaea/Installation#Installation_of_Dionaea
This could serve as a temporary fix.
cheers
new kippo needs new config
p0f seems to start but then exits
example
--- p0f 2.0.8 resuming operations at <Tue Jan 15 22:10:41 2013> ---
[-] ERROR: Network is down.
If you choose to run the honeypots on a virtual interface such as venet0:0
then dionaea will not run because it can't handle colons in the interface name.
If you strip it from the name then dionaea seems to handle it properly so that may be worth doing.
I have ports 22 and 445 forwarded respectively.
From a remote PC I can open a shell to port 22 but 445 shows a filtered state. I'm not seeing logs on my dionaea honeypot.
Any workaround for this issue?!
I think this script should be replaced by a more simple script that calls out to some Docker containers (that should also be created as part of the work)
New project (with very beginnings) here: andrewmichaelsmith/manuka#1
p0f should run under its own user
I get the error below after reboot. The directory is missing as well
An error has occurred: '[Errno 2] No such file or directory: '/var/run/kippo/kippo.pid''
dionaea debug logging logs a lot
should change levels in dionaea.conf
levels = "all" -> levels = "warning,error"
Seen by me and others in dionaea-errors.log
Following error was reported by the script while attempting to start kippo
Failed to load application: [Errno 2] No such file or directory: '/opt/kippo/kippo.tac'
dionaea bistreams folder not being created
on ubuntu 14.04
Kippo has moved from googlecode to github: https://github.com/desaster/kippo
Dionaea package is now named dionaea-phibo.
Just an FYI, will try updating the script later and submitting a pull request.
Currently the script fails rather ungracefully if you don't have sudo installed or if you have sudo but don't have sudo powers.
# bash setup.bash
ERROR: Please install sudo before contniuing (apt-get install sudo)
#bash setup.bash
ERROR: You need to run this script under an account that has access to sudo
I've broken kippo because I copy the cfg to /opt/kippo before doing the clone
There's a lot of apt-get noise that could hide errors.
Make this quieter.
If the box being configured has an extra NIC that is not plugged into the network, then that NIC won't have an IP address. When the Python script that prompts the user for which interface to use tries to enumerate all the interfaces (and their IP addresses), it will fail when it gets to that unplugged NIC. The installation script will continue without user interaction and fail at the end with a message about an invalid NIC. Workaround was possible by plugging all NICs (including unused ones) into a switch while the install script was running.
```
- Starting the process kippo Starting kippo in background...
Traceback (most recent call last):
  File "/usr/bin/twistd", line 14, in <module>
    run()
  File "/usr/lib/python2.7/dist-packages/twisted/scripts/twistd.py", line 27, in run
    app.run(runApp, ServerOptions)
  File "/usr/lib/python2.7/dist-packages/twisted/application/app.py", line 652, in run
    runApp(config)
  File "/usr/lib/python2.7/dist-packages/twisted/scripts/twistd.py", line 23, in runApp
    _SomeApplicationRunner(config).run()
  File "/usr/lib/python2.7/dist-packages/twisted/application/app.py", line 388, in run
    self.logger.start(self.application)
  File "/usr/lib/python2.7/dist-packages/twisted/application/app.py", line 226, in start
    observer = self._getLogObserver()
  File "/usr/lib/python2.7/dist-packages/twisted/scripts/_twistd_unix.py", line 142, in _getLogObserver
    logFile = logfile.LogFile.fromFullPath(self._logfilename)
  File "/usr/lib/python2.7/dist-packages/twisted/python/logfile.py", line 48, in fromFullPath
    os.path.dirname(logPath), *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/twisted/python/logfile.py", line 161, in __init__
    BaseLogFile.__init__(self, name, directory, defaultMode)
  File "/usr/lib/python2.7/dist-packages/twisted/python/logfile.py", line 40, in __init__
    self._openFile()
  File "/usr/lib/python2.7/dist-packages/twisted/python/logfile.py", line 166, in _openFile
    BaseLogFile._openFile(self)
  File "/usr/lib/python2.7/dist-packages/twisted/python/logfile.py", line 75, in _openFile
    self._file = file(self.path, "w+", 1)
IOError: [Errno 2] No such file or directory: '/opt/kippo/log/kippo.log'
```
e.g.
# You have the following interfaces, please choose one:
[0] lo (127.0.0.1)
[1] venet0 (127.0.0.1)
[2] venet0:0 (199.180.252.139)
# ..
#2