Category: Honeypots

Kippo-Graph 1.4 released!

This is the release of another version of Kippo-Graph, reaching 1.4! Kippo-Graph 1.4 brings MaxMind geolocation to Kippo-Geo. You can now select your GEO_METHOD of choice in config.php: either MaxMind, which uses a local database and is very fast, or the previously used geoplugin.com web service.

Download: kippo-graph-1.4 or clone/pull from GitHub: https://github.com/ikoniaris/kippo-graph
MD5 Checksum: 9AEE0875F1ABBA17C54F69CC96EF457D
SHA-1 Checksum: 6D639C9425389114ADB17FF1455A12E3A3C0519F …


2015 Honeynet Project Annual Workshop – Stavanger, Norway – Save the date!

New tool: kippo-log2db.pl

I’m copying an interesting email from SANS’ mailing list, by Jim Clausing. Jim has developed a new tool as a replacement for Kippo2MySQL. The new tool is called kippo-log2db.pl and you can download it here (local copy). I’ve been running kippo for several years now on a couple of honeypots that I have around and …


Run HoneyDrive 3 on Hyper-V server

Todd from Computer and Network Security Services, LLC has published a great blog post about running HoneyDrive 3 on a Microsoft Hyper-V server. I’m reposting it below: Having a Honeypot in your network can help to alert you to malicious traffic. However, installing and maintaining one can be a bit troublesome, particularly if you haven’t done it …


s06 Bringing PWNED To You Interesting Honeypot Trends Elliott Brink

DionaeaFR: adding parameterized date range

UPDATE: this change has been merged into the official DionaeaFR repo. As you might know, DionaeaFR is a very good frontend for the Dionaea malware honeypot. It is developed by @rubenespadas, is written in Python and uses the Django web framework. I have covered DionaeaFR in the past in my post Visualizing Dionaea’s results with DionaeaFR and of course …


Kippo-Graph 1.3 released!

This is the release of another version of Kippo-Graph, reaching 1.3! Kippo-Graph 1.3 brings some significant changes to the codebase, the most important one being that all SQL operations now use the RedBeanPHP library. This change adds a new requirement: Kippo-Graph needs PHP version 5.3.4 or higher. Another change worth noting is the addition of VirusTotal …
