You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I followed all the instruction reported in the documentation in order to run a pool of virtual machines for running Cowrie in proxy mode. The VMs apparently boot correctly (i lowered down the number from 5 to 2, i also increased the guest_memory in cowrie.cfg file, not sure if it matters):
This is the tail of var/log/cowrie/cowrie.log file:
2023-05-18T18:36:42.240321Z [-] Connection to QEMU established
2023-05-18T18:36:42.242112Z [-] Could not get domain list
2023-05-18T18:36:42.365736Z [backend_pool.pool_server.PoolServerFactory] Received connection from 127.0.0.1:52868
2023-05-18T18:36:42.366970Z [Uninitialized] Initialising pool with Cowrie settings...
2023-05-18T18:36:42.368829Z [PoolClient,client] VM pool fully initialised
2023-05-18T18:36:42.369214Z [PoolClient,client] CowrieSSHFactory starting on 2222
2023-05-18T18:36:42.369268Z [cowrie.ssh.factory.CowrieSSHFactory#info] Starting factory <cowrie.ssh.factory.CowrieSSHFactory object at 0xffff87392830>
2023-05-18T18:36:42.413557Z [PoolClient,client] Ready to accept SSH connections
2023-05-18T18:36:43.251498Z [-] Guest cowrie-ubuntu18.04_e83c2dbcb432495ab6cf07df5b4500fd has booted
2023-05-18T18:36:44.131614Z [-] Guest cowrie-ubuntu18.04_15e8bb4be0b041e3a845138720439ace has booted
2023-05-18T18:37:11.734121Z [-] Guest 0 ready for connections @ 192.168.150.64! (boot 28s)
2023-05-18T18:37:11.775970Z [-] Guest 1 ready for connections @ 192.168.150.157! (boot 27s)
But still if I try to SSH in to the indicated IP addresses, the terminal hangs and eventually displays the following error:
ssh: connect to host 192.168.150.139 port 22: Connection timed out
Do you have any advice for this problem? Thank you in advance.
P.S.: please we have a presentation on honeypots to do on 8th of June please answer :)🥇
The text was updated successfully, but these errors were encountered:
I'm not sure if have followed this section to forward requests. cowrie open 2222 port as a SSH honeycomb by default, and you connect to 22 port by default. 2222 != 22.
Here you can see cowrie open the 2222 port.
2023-05-18T18:36:42.369214Z [PoolClient,client] CowrieSSHFactory starting on 2222
In fact, the port number 2222 is the default configuration:
# file: ./etc/cowrie.cfg
# Endpoint to listen on for incoming SSH connections.
# See https://twistedmatrix.com/documents/current/core/howto/endpoints.html#servers
# (default: listen_endpoints = tcp:2222:interface=0.0.0.0)
# (use systemd: endpoint for systemd activation)
# listen_endpoints = systemd:domain=INET:index=0
# For both IPv4 and IPv6: listen_endpoints = tcp6:2222:interface=\:\:
# Listening on multiple endpoints is supported with a single space seperator
# e.g listen_endpoints = "tcp:2222:interface=0.0.0.0 tcp:1022:interface=0.0.0.0" will result listening both on ports 2222 and 1022
# use authbind for port numbers under 1024
listen_endpoints = tcp:2222:interface=0.0.0.0
To solve this problem, you could assign -p 2222 when connect SSH honeycomb:
I followed all the instruction reported in the documentation in order to run a pool of virtual machines for running Cowrie in proxy mode. The VMs apparently boot correctly (i lowered down the number from 5 to 2, i also increased the guest_memory in cowrie.cfg file, not sure if it matters):
This is the tail of var/log/cowrie/cowrie.log file:
But still if I try to SSH in to the indicated IP addresses, the terminal hangs and eventually displays the following error:
ssh: connect to host 192.168.150.139 port 22: Connection timed out
Do you have any advice for this problem? Thank you in advance.
P.S.: please we have a presentation on honeypots to do on 8th of June please answer :)🥇
The text was updated successfully, but these errors were encountered: