Skip to main content
Kippo Honeypot

My laptop currently running Kippo honeypot which can be downloaded here. It supports MySQL database (and soon, the author plans to support SQLite, I am not sure as an option or successor). Basically it's a honeypot which listen on SSH service on port 2222, which, if you're running on Linux for example you can reroute from port 22 (the normal port).

As in my case, I am currently running this service behind NAT, so I've to do the port forwarding thing prior to make it work.

This can be achieved by;

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 22 -j REDIRECT --to-port 2222

And you can check it by;


iptables -t nat -vL
Chain PREROUTING (policy ACCEPT 46764 packets, 3114K bytes)
 pkts bytes target     prot opt in     out     source               destination
    1    60 REDIRECT   tcp  --  eth1   any     anywhere             anywhere            tcp dpt:ssh redir ports 2222

I have plenty of attempts including a brute force attempts with Japanese dictionary passwords. Seems MySQL really helps to get them shown to the screen in handy.
Labels:

Comments

Post a Comment

Popular posts from this blog

Gue dengan S2 gue. Sronok banget!
15 comments
Read more

Vultr - another reliable alternative for SEA Virtual Private Server!

I have been using Vultr  as my recent VPS now, since it has just a nearby Data Center in Singapore (sadly, Malaysian VPS is always expensive.. so the best option is DC in Singapore - most of the time). It provides free trial credit for around USD5.. and +USD2 if you did a social media integration/sharing with Twitter. Try it now. Click Vultr
Post a Comment
Read more