iNSTALLiNG KiPPO - SSH HONEYPOT WiTH MySQL
#1
##################################################
###                                            ###
### iNSTALLiNG KiPPO - SSH HONEYPOT WiTH MySQL ###
###                                            ###
##################################################

STEP1:  apt-get update && apt-get upgrade

STEP2:  nano /etc/ssh/sshd_config
        change the option Port 22, choosing another, eg 2222. We then restart the ssh server:

    
        /etc/init.d/ssh restart

STEP3:  apt-get install python-dev openssl python-openssl python-pyasn1 python-twisted python-mysqldb mysql-server

STEP4:  apt-get install git

STEP5:  apt-get install authbind

STEP6:  adduser kippo

STEP7:  visudo

STEP8:  add the line:
        kippo ALL=(ALL:ALL) ALL

        under the "root" user

STEP9:  touch /etc/authbind/byport/22
        chown kippo:kippo /etc/authbind/byport/22
        chmod 777 /etc/authbind/byport/22

STEP10: git clone https://github.com/desaster/kippo.git

STEP11: cp kippo.cfg.dist kippo.cfg

        &

        nano kippo.cfg

STEP12: Change SSH Port from 2222 to 22

        un-comment the following lines and type the corrent data:

        [database_mysql]
        host = localhost
        database = kippo
        username = kippo
        password = Kippo-DB-pass


        SAVE & EXIT

STEP13: mysql -u root -p

        CREATE DATABASE kippo;
        GRANT ALL ON kippo.* TO 'kippo'@'localhost' IDENTIFIED BY 'Kippo-DB-pass';
        exit

STEP14: go to Kippo’s directory (normally /home/kippo/kippo/ and load the table structures          
        into the database:

        mysql -u kippo -p

        USE kippo;
        source ./doc/sql/mysql.sql;
        exit

STEP15: nano start.sh

        change the following command from

            twistd -y kippo.tac -l log/kippo.log --pidfile kippo.pid

        to:

            authbind --deep twistd -y kippo.tac -l log/kippo.log --pidfile kippo.pid

        SAVE & EXIT

STEP16: sudo -u kippo ./start.sh

STEP17: We are now ready! To see the logging events in the database, you can use simple SQL
        commands like:

        $ mysql -u kippo -p
    
        USE kippo;
        SELECT * FROM auth;

STEP18: sudo apt-get install phpmyadmin
(OPTiONAL)
Zitieren Spammer löschen


Gehe zu: