Cowrie SSH Honeypot

# cd root
# vi /etc/ssh/sshd_config
change
Port 22
to
Port 2222
# service ssh reload

# apt-get install git python-dev python-openssl openssh-server python-pyasn1 python-twisted authbind

# adduser –disabled-password cowrie
Adding user `cowrie’ …
Adding new group `cowrie’ (1002) …
Adding new user `cowrie’ (1002) with group `cowrie’ …
Changing the user information for cowrie
Enter the new value, or press ENTER for the default
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n]
# touch /etc/authbind/byport/22
# chown cowrie:cowrie /etc/authbind/byport/22 && chmod 777 /etc/authbind/byport/22

# su – cowrie
$ cd  cowrie
$ virtualenv cowrie-env
Running virtualenv with interpreter /usr/bin/python2
New python executable in /home/cowrie/cowrie/cowrie-env/bin/python2
Also creating executable in /home/cowrie/cowrie/cowrie-env/bin/python
Installing setuptools, pkg_resources, pip, wheel…done.

$ source cowrie-env/bin/activate
(cowrie-env) $ pip install pycrypto Crypto
(cowrie-env) $ pip install -r requirements.txt
$ cp cowrie.cfg.dist cowrie.cfg
$ pico cowrie.cfg cowrie.cfg
hostname = svr01
listen_port = 22
$ cd data
$ ssh-keygen -t dsa -b 1024 -f ssh_host_dsa_key
$ cd ..
$ export PYTHONPATH=/home/cowrie/cowrie
$ pico start.sh

-set
AUTHBIND_ENABLED=yes
$ ./start.sh

-to start cowrie using root a/c
need to find out

-to stop cowrie
# /home/cowrie/cowrie/stop.sh
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s