Sep 14 2012

Announcing HoneyDrive!

UPDATE: This post was about the server version of HoneyDrive which is no longer maintained. I have now released a HoneyDrive Desktop version based on Xubuntu Linux.

HoneyDrive is a virtual hard disk drive (VMDK format) with Ubuntu Server 11.10 32-bit edition installed. It contains various honeypot systems such as Kippo SSH honeypot, Dionaea malware honeypot and Honeyd. Additionally it includes useful scripts and utilities to analyze and visualize the data it captures. Lastly, other helpful tools like tshark (command-line Wireshark), pdftools, etc. are also present.

NOTE: The description is not very accurate for the current state of HoneyDrive. Right now only Kippo SSH honeypot and its related tools are included, but all of the above will be present in future releases.

You can get the latest version (0.1) of HoneyDrive, which contains Kippo SSH honeypot and related scripts (kippo-graph, kippo-stats, kippo-sessions, etc.). Everything is pre-configured to work. Due to its size, the file is hosted at SourceForge: http://sourceforge.net/projects/honeydrive/

Please also take a look at the README.txt file at SourceForge (also included inside the disk) to learn the specific features and where everything is located.

After downloading the file, uncompress it, then create a new virtual machine (suggested software: Oracle VM VirtualBox) and select the VMDK drive as its hard disk.

As always, feedback is welcome via the related page: http://bruteforce.gr/honeydrive

  • Excellent initiative. Like the idea. I have a question: are tools like Kippo or Nepenthes effective in tracking botnets and detecting C&C panels? I’m interested in starting out in this field, and I would be happy if you could give me some clues.
