{"id":16670337,"url":"https://github.com/ldilley/linulator","last_synced_at":"2026-03-02T19:38:22.070Z","repository":{"id":73152447,"uuid":"14139287","full_name":"ldilley/linulator","owner":"ldilley","description":":penguin: The Linux Simulator","archived":false,"fork":false,"pushed_at":"2023-03-23T05:42:06.000Z","size":3072,"stargazers_count":15,"open_issues_count":13,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-09-30T02:48:56.948Z","etag":null,"topics":["audit","auditing","emulator","hack","hacker","hacking","honeypot","information-security","java","linux","log","logging","network","network-monitoring","penetration","penetration-testing","security","security-tools","simulator","virtual-machine"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ldilley.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"license.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2013-11-05T11:07:09.000Z","updated_at":"2025-02-28T14:58:13.000Z","dependencies_parsed_at":null,"dependency_job_id":"fbdda2e3-5c29-4527-803a-26f4f7533695","html_url":"https://github.com/ldilley/linulator","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ldilley/linulator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ldilley%2Flinulator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ldilley%2Flinulator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ldilley%2Flinulator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ldilley%2Flinulator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ldilley","download_url":"https://codeload.github.com/ldilley/linulator/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ldilley%2Flinulator/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30016547,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-02T17:00:27.440Z","status":"ssl_error","status_checked_at":"2026-03-02T17:00:03.402Z","response_time":60,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit","auditing","emulator","hack","hacker","hacking","honeypot","information-security","java","linux","log","logging","network","network-monitoring","penetration","penetration-testing","security","security-tools","simulator","virtual-machine"],"created_at":"2024-10-12T11:38:10.401Z","updated_at":"2026-03-02T19:38:22.042Z","avatar_url":"https://github.com/ldilley.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"Linulator\n=========\n\n[![License: GPL v3](https://img.shields.io/badge/License-GPL%20v3-blue.svg)](http://www.gnu.org/licenses/gpl-3.0)\n[![Build Status](https://travis-ci.org/ldilley/linulator.svg?branch=master)](https://travis-ci.org/ldilley/linulator)\n\n### About\n\nThe goal of this project is to create a fake Linux environment with configurable network ports that\ncan be opened. Linulator can be used as a learning or training environment or even as a honeypot.\nWhile operating as a honeypot, it will hopefully attract potential attackers so that their methods\ncan be learned. The environment can be frozen and saved to disk for forensic analysis. Extensive\nlogging can also be employed.\n\n**Note:** This project is still very much a work in progress! There is no virtual filesystem in place yet,\nSSH is not implemented, and many commands still need to be added.\n\nSince the network services Linulator uses typically run on privileged ports and it is not recommended\nthat you run Linulator as root, you should run the services on ports \u003e1024 and configure your firewall\nto forward or redirect the traffic to the higher-numbered ports. You may also want to run the program\nwithin a virtual machine, container, zone, jail, or chroot environment for added security on the host\nsystem.\n\n### Installation\n\n**Prerequisites:** [Apache Ant](http://ant.apache.org) and a [JDK](http://openjdk.java.net)\n\n1.) Build the jar:  \n```\n$ ant\n```\n\n2.) Change to the dist directory:  \n```\n$ cd dist\n```\n\n3.) Modify the configuration file to your liking:  \n```\n$ vi linulator.properties\n```\n\n4.) Optionally modify the security policy to meet your needs (the default should suffice):  \n```\n$ vi linulator.policy\n```\n\n5.) Forward or redirect any ports you want to use with Linulator. If you have a firewall/NAT appliance\nor broadband router, you can simply have Linulator listen on higher-numbered ports and forward the\nstandard port numbers. For example: outside:23 -\u003e inside:10023 for telnet. If the host is reachable\nfrom the Internet and Linulator is listening on nonstandard unprivileged ports, you will want to\nredirect traffic from the standard ports. This can be done using iptables, ipfw, or similar. Replace\nthe addresses, interfaces, and ports in the examples below with your own.\n\n**FreeBSD**  \nModify */etc/rc.conf* and add the following line:  \n```\npf_enable=\"YES\"\n```\n\nAdd similar lines for each service to */etc/pf.conf*:  \n```\nrdr pass on em0 proto tcp from any to 192.168.1.7 port 10023 -\u003e 192.168.1.7 port 23\n```\n\nStart the packet filter:  \n```\n# /etc/rc.d/pf start\n```\n\nConfirm the rules are in memory:  \n```\n# pfctl -sn\n```\n\n**Linux**  \nRun similar commands for each service (see the documentation for your distribution to make the rule persistent):  \n```\n# iptables -t nat -I PREROUTING --src 0/0 --dst 192.168.1.7 -p tcp --dport 23 -j REDIRECT --to-ports 10023\n```\n\nConfirm the rules are in memory:  \n```\n# iptables -L\n```\n\n**OS X \u003c= 10.6 (Snow Leopard)**  \nRun similar commands for each service (and replace the rule numbers with your own):  \n```\n$ sudo ipfw add 101 fwd 192.168.1.7,10023 tcp from any to me 23\n```\n\nConfirm the rules are in memory:  \n```\n$ sudo ipfw list\n```\n\nTo make the rules persistent, you can add them to */etc/ipfw.conf* and create a launch agent or daemon\nto load them automatically (use a search engine for details.)\n\n**OS X 10.7 (Lion), 10.8 (Mountain Lion), and 10.9 (Mavericks)**  \nNote: *ipfw* was deprecated in 10.7 (Lion). Use *pf* instead.\n\nAdd similar lines for each service to */etc/pf.conf*:  \n```\nrdr on en0 inet proto tcp to 192.168.1.7 port 23 -\u003e 192.168.1.7 port 10023\n```\n\nLoad the changes:  \n```\n$ sudo pfctl -f /etc/pf.conf\n```\n\nEnable the packet filter:  \n```\n$ sudo pfctl -e\n```\n\nConfirm the rules are in memory:  \n```\n$ sudo pfctl -sn\n```\n\n**Solaris**  \nAdd similar lines for each service to */etc/ipf/ipnat.conf*:  \n```\nrdr e1000g0 from any to 192.168.1.7 port = 23 -\u003e 192.168.1.7 port 10023 tcp\n```\n\nEnable the IP filter:\n```\n# svcadm enable ipfilter\n```\n\nConfirm the rules are in memory:  \n```\n# ipnat -l\n```\n\n6.) Launch Linulator (where X.X.X is the version and YYYYMMDD is the build date):  \n```\n$ java -jar linulator-X.X.X-YYYYMMDD.jar\n```\n\n7.) Enjoy!\n\n### FAQ\n\n**Why create a fake Linux environment when you can have a real one?**\n\nThis project was mainly created for learning purposes. The aim was to also create something even\nmore disposable than a virtual machine with less setup time.\n\n**If used as a honeypot, how can an attacker gain access to the Linulator environment?**\n\nThe idea is to allow the attacker access via FTP and telnet (and later SSH) after they discover a\nuser/password combination with the password being intentionally weak. They can then navigate around\nthe artificial system while Linulator logs their moves to the host system. They may attempt to remove\nlog files, modify files, plant rootkits, and perform other malicious activities. All of this behavior\ncan be tracked and does not harm the host operating system.\n\n**Why Java?**\n\nC was originally intended to be used for this project, but Java has some benefits worth taking\nadvantage of. Java has a large API. As a result, there is unlikely a need to go in search of\nthird-party libraries or re-invent the wheel. Java is also more portable and eliminates the\nrequirement for things like #ifdef and cmake.\n\nAnother very important and particularly applicable aspect for Linulator is security. Java performs\nbounds checking on arrays which can significantly reduce the risk of buffer overflows (unless there\nis a vulnerability in the JVM of course.) The SecurityManager class is additionally essential since\nit limits what users can do within Linulator. Lastly, a consequence of automatic memory management\nis that there are no explicit pointers. This increases safety by preventing dangling/wild pointers\nand defends against memory leaks.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fldilley%2Flinulator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fldilley%2Flinulator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fldilley%2Flinulator/lists"}