Skip to content
/ basic_ssh_honeypot_with_downloader Public

A basic SSH honeypot with downloader (to collect malware samples). Made with Python, containerised in Docker, managed with Docker Compose.

securehoney.net/blog/how-to-build-an-ssh-honeypot-in-python-and-docker-part-2.html
3 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sjbell/basic_ssh_honeypot_with_downloader

BranchesTags

Repository files navigation

Basic SSH Honeypot - with Downloader

Following on from Part 1, this repo extends the basic SSH honeypot with a downloaderer -- for getting malware samples. Part of my blog post: How to build an SSH honeypot in Python and Docker - Part 2. Made with Python, containserised in Docker, managed with Docker Compose.

Uses the Paramiko Python SSH protocol library.

Installation

Port forwarding

Setup port forwarding (e.g. from 22 to 2222)

iptables -A PREROUTING -t nat -p tcp --dport 22 -j REDIRECT --to-port 2222

Generate server key

ssh-keygen -t rsa -f server.key

Build

docker-compose build

Run

docker-compose up

Logs are recorded in the auto-generated ssh_honeypot.log and ssh_honeypot_downloader.log files

About

A basic SSH honeypot with downloader (to collect malware samples). Made with Python, containerised in Docker, managed with Docker Compose.

securehoney.net/blog/how-to-build-an-ssh-honeypot-in-python-and-docker-part-2.html

Topics

python docker ssh security docker-compose honeypot infosec

Resources

Readme
Activity

Stars

3 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages