Vulnerability Management & Penetration Testing Software | Rapid7. Brechtholds Blog. Kippo - SSH Honeypot. Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker. Kippo is inspired, but not based on Kojoney. Demo Some interesting logs from a live Kippo installation below (viewable within a web browser with the help of Ajaxterm). Note that some commands may have been improved since these logs were recorded. Features Some interesting features: Fake filesystem with the ability to add/remove files.
Requirements Software required: An operating system (tested on Debian, CentOS, FreeBSD and Windows 7) Python 2.5+ Twisted 8.0+ PyCrypto Zope Interface See Wiki for some installation instructions. How to run it? Edit kippo.cfg to your liking and start the honeypot by running: . start.sh is a simple shell script that runs Kippo in the background using twistd. Twistd -y kippo.tac -n By default Kippo listens for ssh connections on port 2222. Files of interest: Is it secure? Maybe. I have some questions! Bonesi - BoNeSi - the DDoS Botnet Simulator. BoNeSi, the DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a testbed environment on the wire.
It is designed to study the effect of DDoS attacks. What traffic can be generated? BoNeSi generates ICMP, UDP and TCP (HTTP) flooding attacks from a defined botnet size (different IP addresses). BoNeSi is highly configurable and rates, data volume, source IP addresses, URLs and other parameters can be configured. What makes it different from other tools? There are plenty of other tools out there to spoof IP addresses with UDP and ICMP, but for TCP spoofing, there is no solution.
Where can I run BoNeSi? We highly recommend to run BoNeSi in a closed testbed environment. How does TCP Spoofing work? BoNeSi sniffs for TCP packets on the network interface and responds to all packets in order to establish TCP connections. How good is the perfomance of BoNeSi? We focused very much on performance in order to simulate big botnets. Are BoNeSi attacks successful?
Yes, they are very successful. Krebs on Security.