Comments (3)
Hey @Sparkxxx,
I can make that happen, but what about my other project Honeypots? Chameleon is built on top of Honeypots - it's super easy to set it up!
You can set up all sorts of honeypots and output the logs to file, terminal or both
pip3 install honeypots
honeypots --setup ssh,ftp --config config.json
config.json
{
  "logs": "file,terminal",
  "logs_location": "/temp/honeypots_logs/",
  "honeypots": {
    "ftp": {
      "port": 21,
      "ip": "0.0.0.0",
      "username": "test",
      "password": "test"
    },
    "ssh": {
      "port": 22,
      "ip": "0.0.0.0",
      "username": "test",
      "password": "test"
    }
  }
}
[edit]
You can enable logging to file -> Chameleon project -> config.json -> change
"logs": "db",
to
"logs":"db,file",
"logs_location":"/temp/honeypots_logs/"
from chameleon.
Thanks for the reply,
Using "logs":"db,file", works but the format of the log is not compatible with syslog so it's not much use without a syslog-ng filter/parser.
Regarding honeypots I've upgraded the chameleon container with the latest version from honeypots-Dockerfile to the latest version
RUN pip3 install honeypots==0.25
instead of 0.23 which was the default one but I have not tested functionality yet.
I prefer using docker since it would not require maintaining python processes on vms running docker containers, it makes more sense for me.
My scenario is that I have a VM with docker-compose chameleon and nobody should touch that host.
When this happens I would like to have the attempt in syslog format so that I can act upon it, and it would be great if we could use the docker syslog driver directly to redirect stdout:
driver: syslog
options:
  syslog-address: "udp://10.1.0.x:514"
  tag: "honeypots"
Thanks
P.S.
Couldn't find much info on honeypots either and searching the web I found some references to chameleon honeypots
https://owasp.org/www-pdf-archive/GOD17-Chameleon.pdf
https://www.tu-braunschweig.de/index.php?eID=dumpFile&t=f&f=74776&token=78405aa9f5db4f5c28b1c071af0e27fb8893c2b7 , are you affiliated, is it the same project or behavior expected from this project?
from chameleon.
> Using "logs":"db,file", works but the format of the log is not compatible with syslog so it's not much use without a syslog-ng filter/parser.
Would you be able to share your syslog-ng config file?
> Regarding honeypots I've upgraded the chameleon container with the latest version from honeypots-Dockerfile to the latest version
> RUN pip3 install honeypots==0.25
> instead of 0.23 which was the default one but I have not tested functionality yet.
> I prefer using docker since it would not require maintaining python processes on vms running docker containers, it makes more sense for me.
I have pushed many updates and now you can specify syslog server in the config.json in any stage ./run.sh test, ./run.sh dev or ./run.sh deploy
Add syslog to logs, configure the syslog_address as URI and syslog_facility value
"logs": "db,syslog",
"logs_location": "",
"syslog_address":"udp://syslog:514",
"syslog_facility":3,
"postgres":"//changeme027a088931d22:changeme0f40773877963@chameleon_postgres:9999/chameleon",
"filter": "not port 9999 and not port 514",
"interface": "eth0",
Also, I have added a syslog server to test that functionality (If you do not have one). You can run the project in test stage ./run.sh test and view the logs by accessing the chameleon_syslog container. The location is specified in the syslogs-ng
> Couldn't find much info on honeypots either and searching the web I found some references to chameleon honeypots
> https://owasp.org/www-pdf-archive/GOD17-Chameleon.pdf
> https://www.tu-braunschweig.de/index.php?eID=dumpFile&t=f&f=74776&token=78405aa9f5db4f5c28b1c071af0e27fb8893c2b7 , are you affiliated, is it the same project or behavior expected from this project?
No, the links you listed above are different. I was referring to this honeypots package (You won't be able to find much information about QeeqBox projects because they were closed-source and used internally)
Let me know if the new updates make sense or not!
from chameleon.
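Added example, not part of the thread and not Chameleon's own code: a small Python check for the syslog keys shown in the last comment. It parses syslog_address as a URI, validates syslog_facility, computes the PRI value a collector filter would match on, and can send one test line. The function names, the "honeypots" tag default and the reading of the facility as a standard syslog facility number (3 is daemon) are assumptions.

```python
import json
import logging
import logging.handlers
import socket
from urllib.parse import urlparse

# Constructed sample: only the syslog-related keys from the comment above.
SAMPLE_CONFIG = '''{
  "logs": "db,syslog",
  "logs_location": "",
  "syslog_address": "udp://syslog:514",
  "syslog_facility": 3
}'''

SOCKTYPES = {"udp": socket.SOCK_DGRAM, "tcp": socket.SOCK_STREAM}


def syslog_target(config):
    """Return (host, port, socktype, facility), or None if syslog is not enabled."""
    if "syslog" not in [s.strip() for s in config.get("logs", "").split(",")]:
        return None
    uri = urlparse(config["syslog_address"])
    if uri.scheme not in SOCKTYPES or not uri.hostname or uri.port is None:
        raise ValueError("syslog_address must look like udp://host:port")
    facility = config["syslog_facility"]
    if not isinstance(facility, int) or not 0 <= facility <= 23:
        raise ValueError("syslog_facility must be an integer from 0 to 23")
    return uri.hostname, uri.port, SOCKTYPES[uri.scheme], facility


def expected_pri(facility, severity):
    """PRI a collector sees at the start of each message: facility * 8 + severity."""
    return facility * 8 + severity


def send_test_event(target, message, tag="honeypots"):
    """Emit one WARNING-level line so a collector-side filter can be checked."""
    host, port, socktype, facility = target
    handler = logging.handlers.SysLogHandler((host, port), facility, socktype)
    handler.ident = tag + ": "
    handler.emit(logging.LogRecord("probe", logging.WARNING, "", 0, message, None, None))
    handler.close()


if __name__ == "__main__":
    target = syslog_target(json.loads(SAMPLE_CONFIG))
    print(target, "PRI for warning:", expected_pri(target[3], 4))
```

With facility 3 and severity warning (4) the message starts with <28>, which is the value to match in a syslog-ng or similar filter.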