Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Old project that used Kippo and various custom tools for SSH honeypot analysis.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Type||Name||Latest commit message||Commit time|
|Failed to load latest commit information.|
This is the source code I used for my honeypot project. A lot of it is hacked together but hopefully someone will find it useful! To ge the Ruby scripts to work you will need to install mysql and gruff gems gem install mysql gem install gruff The script to report an IP address uses PEAR mail but this is actually not needed, I only used it so I could send mail via gmail. You can simply change this to PHP's mail() function. # blacklist.rb Generates list of IP's that have been carrying out SSH attacks useful for creating blacklists for IPTables, IOS etc # report.php Gets the IP address from the kippo DB and reports the IP for abuse if certain conditions are met. Then saves the information to a 'report' table for displaying the information at a later date. # dump.php This was used to output the UML blobs in the Kippo DB to a file to be read by ajaxterm. # current-charts.rb Ruby script I used to create the graphs for the front page. # snippets.php This is just wee snippets of code I used through-out my code that I think might be useful to some people :-)