Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/random-robbie/docker-ssh-honey

SSH Honey pot for docker
https://github.com/random-robbie/docker-ssh-honey

docker docker-ssh-honey honeypot ssh-honeypot

Last synced: about 1 month ago
JSON representation

SSH Honey pot for docker

Host: GitHub
URL: https://github.com/random-robbie/docker-ssh-honey
Owner: random-robbie
License: apache-2.0
Created: 2017-08-22T10:27:12.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2022-07-11T08:59:14.000Z (over 2 years ago)
Last Synced: 2024-08-04T23:10:05.558Z (4 months ago)
Topics: docker, docker-ssh-honey, honeypot, ssh-honeypot
Language: Dockerfile
Size: 17.6 KB
Stars: 55
Watchers: 4
Forks: 16
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-honeypot - **15**星

README

# docker-ssh-honey

`https://hub.docker.com/r/txt3rob/docker-ssh-honey`

Start `docker run -p 22:22 -it txt3rob/docker-ssh-honey`

SSH Honey pot for docker

Using Alpine as base image now to take container from 1GB to around 118MB

Using https://github.com/droberson/ssh-honeypot

FROM THE README

# SSH Honeypot

This program listens for incoming ssh connections and logs the ip
address, username, and password used. This was written to gather
rudimentary intelligence on brute force attacks.

## Syslog facilities

As of version 0.0.5, this supports logging to syslog. This feature
is toggled with the -s flag. It is up to you to configure your
syslog facilities appropriately. This logs to LOG_AUTHPRIV which is
typically /var/log/auth.log. You may want to modify this to use
one of the LOG_LOCAL facilities if you are worried about password
leakage.

This was implemented to aggregate the data from several hosts into
a centralized spot.

## Dropping privileges

As of version 0.0.8, you can drop root privileges of this program
after binding to a privileged port. You can now run this as _nobody_
on port 22 for example instead of root, but have to initially start it
as root:

$ sudo bin/ssh-honeypot -p 22 -u nobody

Beware that this chowns the logfile to the user specified as well.

## Changing the Banner

List available banners

$ bin/ssh-honeypot -b

Set banner string

$ bin/ssh-honeypot -b "my banner string"

Set banner by index

$ bin/ssh-honeypot -i

Use a VPS from DO

[![DigitalOcean Referral Badge](https://web-platforms.sfo2.cdn.digitaloceanspaces.com/WWW/Badge%201.svg)](https://www.digitalocean.com/?refcode=e22bbff5f6f1&utm_campaign=Referral_Invite&utm_medium=Referral_Program&utm_source=badge)