Category: Honeypots

Kippo-Graph 1.4.1 released!

This is the release of another version of Kippo-Graph, reaching 1.4.1, the 2nd for today, heh! Kippo-Graph 1.4.1 adds a check to Kippo-IP for Tor exit nodes.

Download: kippo-graph-1.4.1 or clone/pull from GitHub: https://github.com/ikoniaris/kippo-graph

MD5 Checksum: a34ad6c008aab1339dee47115b2f0fdc
SHA-1 Checksum: 2d3023755623895c0165305eec578fe55d093918

CHANGES:
Version 1.4.1:
+ Added check for Tor exit nodes.

For comments, suggestions, fixes, please use the Kippo-Graph …


Kippo-Graph 1.4 released!

This is the release of another version of Kippo-Graph, reaching 1.4! Kippo-Graph 1.4 brings MaxMind geolocation to Kippo-Geo. You can now select your GEO_METHOD of choice in config.php: either MaxMind, which uses a local database and is very fast, or the previously used geoplugin.com web service.

Download: kippo-graph-1.4 or clone/pull from GitHub: https://github.com/ikoniaris/kippo-graph

MD5 Checksum: 9AEE0875F1ABBA17C54F69CC96EF457D
SHA-1 Checksum: 6D639C9425389114ADB17FF1455A12E3A3C0519F …


2015 Honeynet Project Annual Workshop – Stavanger, Norway – Save the date!

New tool: kippo-log2db.pl

I’m copying an interesting email from SANS’ mailing list, by Jim Clausing. Jim has developed a new tool as a replacement for Kippo2MySQL. The new tool is called kippo-log2db.pl and you can download it here (local copy).

I’ve been running kippo for several years now on a couple of honeypots that I have around and …


Run HoneyDrive 3 on Hyper-V server

Todd from Computer and Network Security Services, LLC has published a great blog post about running HoneyDrive 3 on a Microsoft Hyper-V server. I’m reposting it below:

Having a Honeypot in your network can help to alert you to malicious traffic. However, installing and maintaining one can be a bit troublesome, particularly if you haven’t done it …


s06 Bringing PWNED To You Interesting Honeypot Trends Elliott Brink

DionaeaFR: adding parameterized date range

UPDATE: this change has been merged into the official DionaeaFR repo.

As you might know, DionaeaFR is a very good frontend for the Dionaea malware honeypot. It is developed by @rubenespadas, is written in Python and uses the Django web framework. I have covered DionaeaFR in the past in my post Visualizing Dionaea’s results with DionaeaFR and of course …
