Dionaea-Vagrant

Dionaea-Vagrant provides a Vagrant configuration file (Vagrantfile) and shell scripts to automate the setup and configuration of a Dionaea malware honeypot in a virtual machine. The need for this project comes from the somewhat difficult installation procedure of Dionaea which can be discouraging to newcomers.

REQUIREMENTS:

  1. VirtualBox
  2. Vagrant

DOWNLOAD & INSTALL Dionaea-Vagrant:

git clone https://github.com/ikoniaris/dionaea-vagrant && cd dionaea-vagrant
vagrant up

This will download (only the first time) a virtual disk, it will create a new Ubuntu 12.04 LTS VM on the fly and start it using VirtualBox. Then Dionaea and all of its dependencies will be installed on it and will be executed as a daemon along with p0f. And that’s it!

You can then login into the machine by typing “vagrant ssh” or using an SSH client (e.g. PuTTY) and connect to localhost:2222 — username: vagrant, password: vagrant. Once inside the VM, type “ifconfig” to find out the IP address assigned to the bridged adapter (eth1), which you can use to forward ports from your home router back to the VM. For a list of ports used by Dionaea type “sudo netstat -antp | grep dionaea”. If you want to stop the machine type “vagrant halt” (on the outer terminal, not inside the machine).

Every time you want to start the honeypot VM a simple “vagrant up” issued inside the dionaea-vagrant directory is enough!

VIDEO DEMO:

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

  • ikonspirasi

    wow, i just using this vagrant thing, thanks for sharing :)

  • aar_cee

    This is the error i get when i run the command up vagrant
    kindly help in resolving the issue
    There is a syntax error in the following Vagrantfile. The syntax error
    message is reproduced below for convenience:

    /home/wow/dionaea-vagrant/Vagrantfile:66: syntax error, unexpected ‘:’, expecting kEND
    config.vm.provision “shell”, inline: “cp /vagrant/*.sh /tmp/”
    ^
    /home/wow/dionaea-vagrant/Vagrantfile:67: syntax error, unexpected ‘:’, expecting kEND
    ….vm.provision “shell”, inline: “aptitude -y install dos2unix…
    ^
    /home/wow/dionaea-vagrant/Vagrantfile:68: syntax error, unexpected ‘:’, expecting kEND
    ….vm.provision “shell”, inline: “cd /tmp/ && sh setupDionaea….
    ^
    /home/wow/dionaea-vagrant/Vagrantfile:69: syntax error, unexpected ‘:’, expecting kEND
    ….vm.provision “shell”, inline: “cp /tmp/runDionaea.sh /home/…
    ^
    /home/wow/dionaea-vagrant/Vagrantfile:70: syntax error, unexpected ‘:’, expecting kEND
    ….vm.provision “shell”, inline: “echo ‘@reboot vagrant /home/…

    • http://bruteforce.gr/ Ion

      Hi aar_cee,
      what version of Vagrant are you using? Did you install it from the package manager? This error happens with old versions sometimes. Please uninstall Vagrant and install the latest version from: https://www.vagrantup.com/downloads.html

      Regards,
      Ion

  • Olli

    When I am running: vagrant up
    Following error appear:
    root@debian:~/dionaea-vagrant# vagrant up
    VirtualBox is complaining that the installation is incomplete. Please
    run `VBoxManage -version` to see the error message which should contain
    instructions on how to fix this error.

    • http://bruteforce.gr/ Ion

      Well, have you installed VirtualBox? If yes, did you run the above command?

      • Olli

        Yes I installed VB. Above command?

      • http://bruteforce.gr/ Ion

        I meant VBoxManage -version. Well, as it says there you need the Linux headers etc. See: https://www.virtualbox.org/manual/ch02.html#install-linux-host

      • Olli

        Ah sorry.

        root@debian:~/dionaea-vagrant# VBoxManage -version
        WARNING: The character device /dev/vboxdrv does not exist.
        Please install the virtualbox-ose-dkms package and the appropriate
        headers, most likely linux-headers-486.

        You will not be able to start VMs until this problem is fixed.
        4.1.18_Debianr78361

      • Olli

        I use virtualbox on windows. and there I have installed debian without gui

      • http://bruteforce.gr/ Ion

        I don’t understand your setup. If you use Windows, then just install VirtualBox and Vagrant for Windows and you’re good to go.

  • fullheal

    After instalaltion of honeypot and then how to recieve attack for dionaea honeypot?

Read previous post:
To Kill a Centrifuge (Stuxnet Analysis)
Case Study: 10 Steps to Agile Development without Compromising Enterprise Security
phpBrowserStack
Miscellaneous
BlackHat USA 2012 - Owning Bad Guys (and Mafia) with Javascript Botnets
Close