Kippo
Version vom 27. August 2016, 15:21 Uhr von Thomas (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „=Before we begin= Change standard ssh Port =Install some packets *apt-get install python-dev openssl python-openssl python-pyasn1 python-twisted git authbind…“)
Before we begin
Change standard ssh Port =Install some packets
- apt-get install python-dev openssl python-openssl python-pyasn1 python-twisted git authbind
Adduser and change visudo that kippo can list users
- adduser kippo
- visudo
add
kippo ALL=(ALL:ALL) ALL
under the “root” user. =create fil and change some rights?
- touch /etc/authbind/byport/22
- chown kippo:kippo /etc/authbind/byport/22
- chmod 777 /etc/authbind/byport/22
Download the latest Kippo version from GitHub
git clone https://github.com/desaster/kippo.git =c
cp kippo.cfg.dist kippo.cfg nano kippo.cfg
Finally, edit the Kippo start script:
1
nano start.sh
changing the following command from 1
twistd -y kippo.tac -l log/kippo.log --pidfile kippo.pid
to 1
authbind --deep twistd -y kippo.tac -l log/kippo.log --pidfile kippo.pid
so that it uses authbind to “listen” on port 22, and run the honeypot: 1
./start.sh
We check that our port has actually opened and Kippo is “listening”:
1
sudo netstat -antp
where there should be a line like this: 1
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 22627/python