The Kippo2ElasticSearch script has been updated and now creates proper entries with all attributes needed for each SSH login attempt. I have also included an exported Kibana dashboard file that you can import in your own instance and visualize the results. This is going to be very useful and it looks great. Please get/update by cloning/pulling from GitHub: https://github.com/ikoniaris/kippo2elasticsearch …
Category Archive: Visualization
Mar 31 2014
Kippo attack heatmap in seconds using Kibana and Kippo2ElasticSearch
Continuing from my previous post, here is how to create an attack heat map in seconds using the same ElasticSearch + Kibana instance. First of all we have to download Maxmind’s GeoIP database. The general procedure is super easy (no need to do it): This will output a single GeoIP.dat file which is a binary …
Mar 30 2014
Transferring Kippo’s data to ElasticSearch
I have been investigating ElasticSearch and Kibana for some projects lately and I’ve come to appreciate the ease of using the two pieces of software together for storing and visualizing data. This will be an introductory post to something bigger, but I just want to throw the idea out there: let’s transfer honeypot data to …
Mar 30 2014
Kippo-Graph 0.9.3 released, with new component: “Kippo-IP”
This is the release of a new version of Kippo-Graph, adding a new component: Kippo-IP. Using Kippo-IP you can get a table view of all attacks and inputs by IP address. Kippo-IP has been developed by s0rtega, so make sure to send him your thanks! Download: kippo-graph-0.9.3 or clone/pull from GitHub: https://github.com/ikoniaris/kippo-graph MD5 Checksum: 30FDEC6F6F0F75689E776D61616CD18C SHA-1 Checksum: 6E31D17965E3DEDCAD5A123A2572EE04820E5FC1 CHANGES: Version …
Mar 24 2014
Kippo-Graph 0.9.2, with Kippo-Playlog!
This is the release of a new version of Kippo-Graph, adding a new component: Kippo-Playlog. Now you can play captured honeypot sessions in real time inside Kippo-Graph! Kippo-Playlog has been developed by CCoffie, so make sure to send him your thanks! The support is somewhat experimental, so please update Kippo-Graph, test it with your database and …
Posted on:
February 13, 2014
Feb 06 2014
Kippo-Graph 0.9.1 - Google Map fix
Kippo-Graph has been updated to version 0.9.1, fixing the Google Map rendering issue in the Kippo-Geo component. You can download the new version from here: kippo-graph-0.9.1, or clone/pull from Kippo-Graph’s git repository hosted on GitHub: https://github.com/ikoniaris/kippo-graph. As always, here are the checksums for the tar file: MD5 Checksum: 5F496A1C3AF911B644E0A2E54D60980C SHA-1 Checksum: CDA97448823C202B181B4453153812B019F19CE2 CHANGES: Version 0.9.1: + …