Category Archive: Visualization

Feb 01 2015

Kippo-Graph 1.4 released!

This is the release of another version of Kippo-Graph, reaching 1.4! Kippo-Graph 1.4 brings MaxMind geolocation to Kippo-Geo. You can now select your GEO_METHOD of choice in config.php: either MaxMind, which uses a local database and is very fast, or the previously used geoplugin.com web service.

Download: kippo-graph-1.4 or clone/pull from GitHub: https://github.com/ikoniaris/kippo-graph

MD5 Checksum: 9AEE0875F1ABBA17C54F69CC96EF457D
SHA-1 Checksum: 6D639C9425389114ADB17FF1455A12E3A3C0519F …

Aug 25 2014

DionaeaFR: adding parameterized date range

UPDATE: this change has been merged into the official DionaeaFR repo. As you might know, DionaeaFR is a very good frontend for the Dionaea malware honeypot. It is developed by @rubenespadas, is written in Python and uses the Django web framework. I have covered DionaeaFR in the past in my post Visualizing Dionaea’s results with DionaeaFR and of course …

Aug 24 2014

Kippo-Graph 1.3 released!

This is the release of another version of Kippo-Graph, reaching 1.3! Kippo-Graph 1.3 brings some significant changes to the codebase, the most important one being that all SQL operations now use the RedBeanPHP library. This change adds a new requirement: Kippo-Graph needs PHP version 5.3.4 or higher. Another change worth noting is the addition of VirusTotal …

Aug 09 2014

Adding ElasticSearch support to Kippo SSH honeypot

I am very fond of ElasticSearch as a storage infrastructure and I do believe it is very useful for storing attack data, especially from honeypots. If you follow my blog, you would have seen my first attempts at transferring Kippo’s data to ElasticSearch, or creating Kibana dashboards to visualize SSH attacks. These eventually led to …

Jul 26 2014

HoneyDrive 3 Royal Jelly edition

Dear security enthusiasts, it’s been around one year and a half since the last release of HoneyDrive Desktop. Upon learning that my honeypots workshop has been accepted at BSides Las Vegas 2014, the thought of upgrading HoneyDrive has been greatly intensified in my mind, to the point that I decided to make it a reality! So, it …

Jul 23 2014

Vagrant configuration for Thug honeyclient

I am happy to announce another small side-project. This time, I decided to make a Thug honeyclient VM available with one command (no kidding!). I have previously done the same with Dionaea-Vagrant, and while I was working on the next version of HoneyDrive over the past few days, news came out that Thug 0.5 was released today. …

Jul 17 2014

Kippo-Graph 1.2 released!

This is the release of another version of Kippo-Graph, reaching version 1.2! Kippo-Graph 1.2 is mostly a maintenance release, but I’ve also fixed and added more features so updating is strongly recommended! The most significant change concerns the virus scanning of attackers’ downloaded files. Unfortunately, NoVirusThanks have stopped offering their service due to costs of …
