Cowrie installer using Ansible
Home Page: https://communityhoneynetwork.readthedocs.io
License: GNU Lesser General Public License v2.1
Community Honey Network server
Find the documentation here: https://communityhoneynetwork.readthedocs.io
It would be nice to have IPv6 information as well as IPv4
In the log the IP is incorrectly reported as docker interface:
[cowrie.telnet.transport.HoneyPotTelnetFactory] New connection: 172.24.0.1:56528 (172.24.0.2:22) [session: 63cacf651fc1]
the executable /opt/cowrie/bin/cowrie requires the env var DOCKER=yes in order to not generate /opt/cowrie/var/log/cowrie/cowrie.log* files.
In the file cowrie.run.j2
exec su - cowrie -c "/opt/cowrie/bin/cowrie start"
when su uses "-" it starts a new shell and does not pass the DOCKER env var to the session. Without this var set, the twisted command sets logging options.
A quick fix is to change the line like so:
exec su - cowrie -c "DOCKER=${DOCKER} /opt/cowrie/bin/cowrie start"
Previously, setting TAGS (in the configuration file, now as an environment variable) resulted in the tags getting added to each log sent to the CHN hpfeed server. Now setting TAGS does not result in the tags getting added to the logs.
This seems related to moving from the custom hpfeeds.py output that included tags support to cowrie's official hpfeed3.py output that doesn't not support tags.
Hi! I see you made extensions to the hpfeeds output plugin.
If you want, you can send a PR and I can merge them in the main cowrie project.
I won't copy it myself because your plugin is LGPL and doesn't match Cowrie's license.
But if you are willing to change that, I'm happy to take any updates,
I'm getting the follow error on the top user chart: http://192.168.88.12:81/image/top_users.svg:
This page contains the following errors:
error on line 4 at column 9888: Char 0x0 out of allowed range
Below is a rendering of the page up to the first error.
Two items:
With default cowrie settings, this is currently an issue: cowrie/cowrie#1102
In that thread, they mention this cool project which is a good starting place to customize cowrie identity: https://github.com/411Hall/obscurer
Some of that can be mapped into the PERSONALITY property in the sysconfig file. However, I think it would be useful to add the functions from that obscurer.py to run at cowrie container startup to automatically change things up to reduce fingerprinting.
Could try to make certain things user-customizable in the sysconfig file such as user list, etc. If not specified, it would go with a default list.
Currently pulling 1.3.1
/
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
