Since Kippo is doing fine and there are some other interesting things out there apart from SSH dictionary attacks, I decided to run Dionaea as well in order to get a better understanding of malware distribution. So, I found myself on the official Dionaea website ready to proceed. The amount of information there and the …
Category Archive: Honeypots
Jan 03 2012
Kippo-Graph 0.6.2 released.
Another update for Kippo-Graph, after the 0.6 “milestone”, reaching version 0.6.2 (as you may have noticed, I might have abused the versioning system a little, so from now on there will be small increments better reflecting the work done). It includes two new features for the Kippo-Geo component: hostname resolution for the top 10 IPs and …
Jan 03 2012
Kippo reveals itself with ‘w’ and ‘uptime’ commands
It occurred to me suddenly today that in every TTY session I see online, if the attacker runs the ‘w’ command, an uptime value of ~14 days is shown. I checked it and it’s true. Kippo has the following output for the ‘w’ command hardcoded into its source code: up 14 days, 3:53. The same …
Due to the move of the blog to this domain, I have updated Kippo2MySQL with the latest information and contact details.
Download Kippo2MySQL v0.1.1 here: kippo2mysql-0.1.1
MD5 Checksum: 1D1C664902B20BDA941538B86DA2DAEE
SHA-1 Checksum: 47F0544AADC5FC3362E317C5BB586A90CF0E0138
Due to the move of the blog to this domain, I have updated Kippo-Graph with the latest information and contact details.
Download Kippo-Graph v0.6.1 here: kippo-graph-0.6.1
MD5 Checksum: 4FD2389B223DFD699E855E66094E65F3
SHA-1 Checksum: 1DAD2618F6B756CD3645096971D17776950640EA
Dec 31 2011
Kippo2MySQL v0.1, populate a MySQL DB with data from Kippo logs!
This is yet another simple piece of software that simply extracts some VERY BASIC stats from Kippo’s text-based log files (a mess to analyze!) and inserts them in a MySQL database. Then you can run some queries and of course visualize the data if you want to. This is the initial version (0.1) so many …
Dec 30 2011
Kippo-Graph 0.6 released!
New version of Kippo-Graph with more graphs (currently 18 in total!) and additional features including IP lookup and malicious file scanning.
Download it from here: kippo-graph-0.6
MD5 Checksum: 889D40D2CA34A649708C0DAAF439ACAE
SHA-1 Checksum: 4E92EC316FA55E9E3E1966E1DB9310074B56D177
CHANGES:
Version 0.6:
+ Added human activity per day graph (Kippo-Input) - updated gallery.
+ Added probes per week graph - updated gallery. …