Category: Honeypots

Dec 13 2011

The big post of Kippo scripts, front-ends, bash one-liners and SQL queries

Continuing on the previous posts about Kippo, and assuming you have already setup, configured it and logged some probes or intrusions, let’s take a look at some of the scripts, front-ends, commands, and other useful 3rd party stuff available in our disposal to get a better understading of what’s going on with our honeypots.

Continue reading

Dec 08 2011

Logging Kippo events using MySQL DB

Continuing on the previous post about Kippo SSH honeypot, let’s see how we can make our lives easier and log its events in a MySQL database instead of the difficult to read text-based log files (located at kippo-dir/log by default). This post assumes that you have already followed the procedure and successfully installed Kippo on …

Continue reading

Dec 05 2011

Installing Kippo SSH Honeypot on Ubuntu

I decided to setup a simple ssh honeypot in a small VPS (192MB RAM) to see if they actually record attacks. The honeypot that I chose was Kippo , a simple SSH honeypot written in Python with several possibilities. Here is a guide for the installation and configuration of Kippo, in accordance with the procedure …

Continue reading