Kippo Honeypot

My laptop currently running Kippo honeypot which can be downloaded here. It supports MySQL database (and soon, the author plans to support SQLite, I am not sure as an option or successor). Basically it's a honeypot which listen on SSH service on port 2222, which, if you're running on Linux for example you can reroute from port 22 (the normal port).

As in my case, I am currently running this service behind NAT, so I've to do the port forwarding thing prior to make it work.

This can be achieved by;

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 22 -j REDIRECT --to-port 2222

And you can check it by;


iptables -t nat -vL
Chain PREROUTING (policy ACCEPT 46764 packets, 3114K bytes)
 pkts bytes target     prot opt in     out     source               destination
    1    60 REDIRECT   tcp  --  eth1   any     anywhere             anywhere            tcp dpt:ssh redir ports 2222

I have plenty of attempts including a brute force attempts with Japanese dictionary passwords. Seems MySQL really helps to get them shown to the screen in handy.

Comments

Popular posts from this blog

Panduan Bas Ekspres Kuala Lumpur (TBS) - Skudai

Cara Renew Passport Pembantu Rumah di Kedutaan Indonesia 2015