A small typo was noticed in HoneyDrive’s README.txt file concerning Honeyd2MySQL’s correct location and MySQL database name. I have fixed it online (SourceForge), so you can get the new file inside the virtual appliance if you like to.
Dec 26 2012
HoneyDrive Desktop released!
Hello! Merry X-Mas to all
I am very happy to be in the position to announce the newest addition to my projects: HoneyDrive (Desktop).
What is it? Here is a brief but informative description:
HoneyDrive is a virtual appliance (OVA) with Xubuntu Desktop 12.04 32-bit edition installed. It contains various honeypot software packages such as Kippo SSH honeypot, Dionaea malware honeypot, Honeyd low-interaction honeypot and more. Additionally it includes useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, and much more. Lastly, many other helpful security, forensics and malware related tools are also present in the distribution.
The latest version (0.1) of HoneyDrive Desktop (aka Santa edition), which was officially released on December 26, 2012 will be hosted at SourceForge.net. The appliance (around 2.7GBs in size) has been uploaded and you can get it from this project link: http://sourceforge.net/projects/honeydrive/
The installation procedure is pretty straightforward: after downloading the file, you simply have to import the virtual appliance to your virtual machine manager/hypervisor (suggested software: Oracle VM VirtualBox). Please take a look at the README.txt file on SourceForge (also included inside the virtual disk) to see where everything is located.
Below is a comprehensive list of HoneyDrive’s features, ready to be used for promotional purposes
- Virtual appliance based on Xubuntu 12.04 Desktop.
- Distributed as a single OVA file, ready to be imported.
- Full LAMP stack installed (Apache 2, MySQL 5), plus tools such as phpMyAdmin.
- Kippo SSH Honeypot, plus Kippo-Graph, Kippo2MySQL and other helpful scripts.
- Dionaea malware honeypot, plus phpLiteAdmin and other helpful scripts.
- Honeyd low-interaction honeypot, plus Honeyd2MySQL, Honeyd-Viz and other helpful scripts.
- LaBrea sticky honeypot, Tiny Honeypot, IIS Emulator, INetSim and SimH.
- A full suite of security, forensics and anti-malware tools for network monitoring, malicious shellcode and PDF analysis, such as ntop, p0f, EtherApe, nmap, DFF, Wireshark, ClamAV, ettercap, Automater, UPX, pdftk, Flasm, pdf-parser, Pyew, dex2jar and more.
- Firefox plugins pre-installed, plus extra helpful software such as GParted, Terminator, VYM, Xpdf and more.
Finally, three screenshots from the appliance, I hope you will find them pretty!
For comments, suggestions, fixes, please use the HoneyDrive page: http://bruteforce.gr/honeydrive
Posted on:
December 26, 2012
Posted on:
December 26, 2012
Dec 24 2012
Kippo2MySQL v0.2
Kippo2MySQL has been updated to version 0.2, and I think it’s mostly completed. I added DisSsha’s suggestion (dropping existing tables in database) and added a MySQL port option. As mentioned before you will have to manually create a MySQL database to store the data and change all the required values inside the script in order to work correctly. Nothing major though.
Download it from here: kippo2mysql-0.2
MD5 Checksum: 67C9F3D06D5EA116F02400C0A2BA6977
SHA-1 Checksum: A4A1018AC206334B98FE14A5F1C5F379961F24B8
For comments, suggestions, fixes, please use the Kippo2MySQL page: http://bruteforce.gr/kippo2mysql
Dec 24 2012
Kippo-Graph: version 0.7.4 released!
This is the release of a new version of Kippo-Graph, adding a configuration option allowing connection to a MySQL server that uses a non-standard port.
Thanks to Jean-Phelippe for the suggestion.
Download it from here: kippo-graph-0.7.4
MD5 Checksum: BA4D5242CFB87F56727A2141149C6A5F
SHA-1 Checksum: 7520D2AD05648600F5F1874E4707908C3D490672
CHANGES:
Version 0.7.4:
+ Added config option for non-standard MySQL port.
For comments, suggestions, fixes, please use the Kippo-Graph page: http://bruteforce.gr/kippo-graph
Dec 11 2012
Kippo-Graph: version 0.7.3 released!
This is the release of a new version of Kippo-Graph, fixing a security issue with XSS code in intruders’ input strings being executed by Kippo-Input, plus adding some new tables with basic info about the honeypot’s operation highlighting its general activity (I’m suprised this was overlooked so far).
Thanks to A. Ramos for reporting the XSS problem.
Updating is recommended!
Download it from here: kippo-graph-0.7.3
MD5 Checksum: EF27DB0031E3FC2D1F80DD4F83A8A175
SHA-1 Checksum: 0FA03F5FA4BED233731CB4F5F4CD42C1CDF92215
CHANGES:
Version 0.7.3:
+ Fixed XSS issues in Kippo-Input.
+ Added tables with overall/basic stats in Kippo-Graph and Kippo-Input.
For comments, suggestions, fixes, please use the Kippo-Graph page: http://bruteforce.gr/kippo-graph