Download
1 / 6
60 likes | 279 Views
Kippo & KippoGraph. An SSH Honeypot. Introduction. What is a Honeypot? Honey Pot Systems are decoy servers or systems setup to gather information regarding an attacker or intruder into your system .
E N D
Kippo & KippoGraph An SSH Honeypot
Introduction • What is a Honeypot?Honey Pot Systems are decoy servers or systems setup to gather information regarding an attacker or intruder into your system. • Why Kippo?Kippois a simple SSH Honeypot that provide full user interaction while recording all keystrokes for later playback, saves downloads outside the env, and allows for full inspection of the attacker's actions. • Examples • http://www.youtube.com/watch?v=l9v8_VjKnvo • http://www.youtube.com/watch?v=oJagxe-Gvpw
Configuration • Kippo.cfgBasics... • start.sh • authbind(for using port 22) • userdb.txt • New with 0.8, easy way to add users • Customization • txtcmds • fs.pickle
KippoGraph • Purdy Pictures
Hands On • Login • Configs • Stupid People • Kippo-Graph Details
References • KippoKippois a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.http://code.google.com/p/kippo/ • Kippo-GraphKippo-Graph is a full featured script to visualize statistics from a Kippo SSH honeypot.http://bruteforce.gr/kippo-graph
