Kippo is an interactive SSH honeypot designed to log brute-force attacks and, most importantly, the attacker's shell interaction. For more information about Kippo, visit its official site at http://code.google.com/p/kippo/. This tutorial only shows how to compile and install Kippo on a CentOS 5.5 server; I do not guarantee that following it will work for you.

Installing Python 2.6

As you probably know, CentOS ships with Python 2.4, so you need to install Python 2.6. For detailed installation instructions, see this link:

http://www.geekymedia.com/tech-articles/rhel5-centos5-rpms-for-python-2-5-and-2-6/

Important notes:

1) Install the RPM packages you need, including the Python base package and the libs package.
2) Start Python 2.6 by typing python26 on the command line, not python; the system's own Python 2.4 remains installed.
3) If you install packages with setuptools, make sure you use the correct Python version, for example python26 setup.py install.

Installing Twisted, Zope and Pycrypto

Twisted is an event-driven networking engine written in Python and released under the MIT license. The Twisted project supports TCP, UDP, SSL/TLS, multicast, Unix sockets and many other protocols, including HTTP, NNTP, IMAP, SSH, IRC and FTP.

```
cd /tmp
wget http://twistedmatrix.com/Releases/Twisted/10.2/Twisted-10.2.0.tar.bz2
tar -xvf Twisted-10.2.0.tar.bz2
cd Twisted-10.2.0
python26 setup.py build
python26 setup.py install
```

Zope is an open-source web application server written mainly in Python.

```
cd /tmp
wget http://www.zope.org/Products/ZopeInterface/3.3.0/zope.interface-3.3.0.tar.gz
tar -xvf zope.interface-3.3.0.tar.gz
cd zope.interface-3.3.0
python26 setup.py build
python26 setup.py install
```

Pycrypto is a collection of cryptographic algorithms and protocols implemented in Python.

```
cd /tmp
wget http://www.amk.ca/files/python/crypto/pycrypto-2.0.1.tar.gz
tar -xvf pycrypto-2.0.1.tar.gz
cd pycrypto-2.0.1
python26 setup.py build
python26 setup.py install
```

The ASN.1 types and codecs (BER, CER, DER) are likewise implemented in the Python programming language.

```
cd /tmp
# -O names the saved file; otherwise wget stores it as "download"
wget -O pyasn1-0.0.12a.tar.gz http://sourceforge.net/projects/pyasn1/files/pyasn1-devel/0.0.12a/pyasn1-0.0.12a.tar.gz/download
tar -xvf pyasn1-0.0.12a.tar.gz
cd pyasn1-0.0.12a
python26 setup.py build
python26 setup.py install
```

Creating a user

Kippo cannot be run as root, so we must create a regular user.

```
useradd kippouser
```

You need to download the latest Kippo source package from http://kippo.googlecode.com.

```
su - kippouser
wget http://kippo.googlecode.com/files/kippo-0.5.tar.gz
tar -xvf kippo-0.5.tar.gz
cd kippo-0.5
```

Configuring Kippo

```
vi kippo.cfg
```

```
#
# Kippo configuration file (kippo.cfg)
#

[honeypot]

# IP addresses to listen for incoming SSH connections.
#
# (default: 0.0.0.0) any address
#ssh_addr = 0.0.0.0

# Port to listen for incoming SSH connections.
#
# (default: 2222)
ssh_port = 2222

# Hostname for the honeypot. Displayed by the shell prompt of the virtual
# environment.
#
# (default: sales)
hostname = sales

# Directory where to save log files in.
#
# (default: log)
log_path = log

# Directory where to save downloaded (malware) files in.
#
# (default: dl)
download_path = dl

# Directory where virtual file contents are kept in.
#
# This is only used by commands like cat to display the contents of files.
# Adding files here is not enough for them to appear in the honeypot - the
# actual virtual filesystem is kept in filesystem_file (see below)
#
# (default: honeyfs)
contents_path = honeyfs

# File in the python pickle format containing the virtual filesystem.
#
# This includes the filenames, paths, permissions for the whole filesystem,
# but not the file contents. This is created by the createfs.py utility from
# a real template linux installation.
#
# (default: fs.pickle)
filesystem_file = fs.pickle

# Directory for miscellaneous data files, such as the password database.
#
# (default: data_path)
data_path = data

# Directory for creating simple commands that only output text.
#
# The command must be placed under this directory with the proper path, such
# as:
#   txtcmds/usr/bin/vi
# The contents of the file will be the output of the command when run inside
# the honeypot.
#
# In addition to this, the file must exist in the virtual
# filesystem {filesystem_file}
#
# (default: txtcmds)
txtcmds_path = txtcmds

# Public and private SSH key files. If these don't exist, they are created
# automatically.
#
# (defaults: public.key and private.key)
public_key = public.key
private_key = private.key

# Initial root password. Future passwords will be stored in
# {data_path}/pass.db
#
# (default: 123456)
password = 123456

# IP address to bind to when opening outgoing connections. Used exclusively by
# the wget command.
#
# (default: not specified)
#out_addr = 0.0.0.0

# Sensor name use to identify this honeypot instance. Used by the database
# logging modules such as mysql.
#
# If not specified, the logging modules will instead use the IP address of the
# connection as the sensor name.
#
# (default: not specified)
#sensor_name=myhostname

# Fake address displayed as the address of the incoming connection.
# This doesn't affect logging, and is only used by honeypot commands such as
# w and last
#
# If not specified, the actual IP address is displayed instead (default
# behaviour).
#
# (default: not specified)
#fake_addr = 192.168.66.254

# MySQL logging module
#
# Database structure for this module is supplied in doc/sql/mysql.sql
#
# To enable this module, remove the comments below, including the
# [database_mysql] line.
#[database_mysql]
#host = localhost
#database = kippo
#username = kippo
#password = secret
```

Starting Kippo

```
./start.sh
```

Log file

By default, Kippo's output is redirected to the log file log/kippo.log. Use the following command to watch the Kippo log:

```
tail -f log/kippo.log
```

Tip: how to reach Kippo

By default Kippo runs on port 2222. On Windows, port 22 is usually free, so Kippo can run directly on that port. On Linux, port 22 is restricted and can only be used by root, but you can map the port with the following command:

```
# run as root
iptables -t nat -A PREROUTING -i IN_IFACE -p tcp --dport 22 -j REDIRECT --to-port 2222
```

Replace IN_IFACE with your real interface name, such as eth0.

Testing

Connect to port 2222 of the Kippo server as the root user:

```
ssh 127.0.0.1 -p 2222 -l root
```

If the login succeeds, you will see the following banner (the honeypot's shell prompt):

```
sales:~#
```

Original source: http://www.howtoforge.com/how-to-set-up-kippo-ssh-honeypot-on-centos-5.5
Original title: How To Set Up Kippo SSH Honeypot On CentOS 5.5
Reposted from: https://www.cnblogs.com/baogg/articles/2172317.html
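Beyond watching log/kippo.log with tail, the log can be reduced to a per-source summary of login attempts and commands. The script below is an added example, not part of the original tutorial or of Kippo; the log line layout, the sample lines and the function name summarize are assumptions made for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines. The layout (Twisted prefix ending in
# "HoneyPotTransport,<session>,<ip>]", then the event text) is an assumption.
SAMPLE_LOG = """\
2011-09-08 10:01:02+0800 [SSHService ssh-userauth on HoneyPotTransport,0,203.0.113.7] login attempt [root/password] failed
2011-09-08 10:01:04+0800 [SSHService ssh-userauth on HoneyPotTransport,0,203.0.113.7] login attempt [root/123456] succeeded
2011-09-08 10:01:09+0800 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,203.0.113.7] CMD: uname -a
2011-09-08 10:02:30+0800 [SSHService ssh-userauth on HoneyPotTransport,1,198.51.100.23] login attempt [admin/a]b/c] failed
2011-09-08 10:02:31+0800 [-] unrelated twisted message
"""

# Anchor on the first [...] group only: it is written by the logger, while the
# event text after it (passwords, commands) is attacker-controlled.
PREFIX = re.compile(
    r"^\S+ \S+ \[[^\]]*HoneyPotTransport,\d+,([0-9a-fA-F.:]+)\] (.*)$")
LOGIN = re.compile(r"^login attempt \[([^/]*)/(.*)\] (succeeded|failed)$")


def summarize(lines):
    """Return {source_ip: attempts, successes, credentials, commands}."""
    stats = defaultdict(lambda: {"attempts": 0, "successes": 0,
                                 "credentials": Counter(), "commands": []})
    for line in lines:
        m = PREFIX.match(line.rstrip("\n"))
        if not m:
            continue  # not a per-connection event
        ip, event = m.groups()
        login = LOGIN.match(event)
        if login:
            user, password, outcome = login.groups()
            stats[ip]["attempts"] += 1
            stats[ip]["credentials"][(user, password)] += 1
            if outcome == "succeeded":
                stats[ip]["successes"] += 1
        elif event.startswith("CMD: "):
            stats[ip]["commands"].append(event[5:])
    return dict(stats)


if __name__ == "__main__":
    for ip, s in sorted(summarize(SAMPLE_LOG.splitlines()).items()):
        print(ip, s["attempts"], s["successes"], s["commands"])
```

To run it against a real sensor, pass an open file object for log/kippo.log to summarize() after confirming the line layout matches your Kippo version.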