-
Notifications
You must be signed in to change notification settings - Fork 2
/
index.xml
11 lines (11 loc) · 4.53 KB
/
index.xml
1
2
3
4
5
6
7
8
9
10
11
<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Cowrie SSH and Telnet Honeypot on Cowrie</title><link>https://www.cowrie.org/</link><description>Recent content in Cowrie SSH and Telnet Honeypot on Cowrie</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Wed, 28 Aug 2019 16:05:10 +0100</lastBuildDate><atom:link href="https://www.cowrie.org/index.xml" rel="self" type="application/rss+xml"/><item><title>Cowrie: Designing SSH and Telnet Proxies (and Dabbling with Qemu)</title><link>https://www.cowrie.org/posts/cowrie-gsoc-2019/</link><pubDate>Wed, 28 Aug 2019 16:05:10 +0100</pubDate><guid>https://www.cowrie.org/posts/cowrie-gsoc-2019/</guid><description>These past months I&rsquo;ve been working in the Google Summer of Code program with The Honeynet Project, in a project called Cowrie, about which I&rsquo;ve talked in a previous post. Cowrie, in turn, is maintained by Michel Oosterhof, with whom I really had the pleasure of working these past months.
Whew, that was a mouthful of links, but I&rsquo;ve got my references done with for now&hellip; I have talked about the experience in the official report, so this post will focus a bit more on the technical challenges I faced and my main takeaways, as well as serving to showcase the new features that have been added.</description></item><item><title>Cowrie Honeypot</title><link>https://www.cowrie.org/posts/2015-07-05-cowrie/</link><pubDate>Sun, 05 Jul 2015 00:00:00 +0000</pubDate><guid>https://www.cowrie.org/posts/2015-07-05-cowrie/</guid><description>Since summer 2014 I&rsquo;ve been working on extensions and contributions to the well known Kippo honeypot developed by desaster.
I noticed some SSH attacks against my systems were not logged in full detail and I started to work on additional logging, from there I&rsquo;ve added &lsquo;ssh exec commands&rsquo; support, SFTP support, SCP support, direct-tcpip (proxying) support and many other features.
To distinguish this from the original software, I have now renamed the system to &quot;Cowrie&quot;.</description></item><item><title>Interesting Perl scripts through stdin</title><link>https://www.cowrie.org/posts/2015-02-19-perl-stdin/</link><pubDate>Thu, 19 Feb 2015 00:00:00 +0000</pubDate><guid>https://www.cowrie.org/posts/2015-02-19-perl-stdin/</guid><description>This came in recently in one of my honeypots, same IP address that attempted to download SSH bruteforcing scripts before, but this latest attempt shows a new method of operations. In the log below you can see they attempt to run &lsquo;perl&rsquo;. Kippo accepts the perl command, but we don&rsquo;t see what&rsquo;s executed.
2015-02-17 08:13:56+0000 [kippo.core.ssh.HoneyPotSSHFactory] New connection: AAA.BBB.CCC.DDD:40346 (127.0.0.1:2222) [session: 491] 2015-02-17 08:13:57+0000 [HoneyPotTransport,491,AAA.BBB.CCC.DDD] KEXINIT: client supported key exchange: [&#39;diffie-hellman-group14-sha1&#39;, &#39;diffie-hellman-group-exchange-sha1&#39;, &#39;diffie-hellman -group1-sha1&#39;] 2015-02-17 08:13:57+0000 [HoneyPotTransport,491,AAA.</description></item><item><title>Contact</title><link>https://www.cowrie.org/contact/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://www.cowrie.org/contact/</guid><description>Contact Cowrie
We&rsquo;re friendly people and like to help.
If you would prefer to contact us directly, email cowrie@cowrie.org
Your Name Email Address An email address is required. Message</description></item><item><title>Cowrie Slack</title><link>https://www.cowrie.org/slack/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://www.cowrie.org/slack/</guid><description>Join the Cowrie Slack here</description></item><item><title>Download</title><link>https://www.cowrie.org/download/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://www.cowrie.org/download/</guid><description>Download the latest Cowrie release at https://github.com/cowrie/cowrie/releases.
Or look at the work in progress at https://github.com/cowrie/cowrie.</description></item><item><title>Mailing List</title><link>https://www.cowrie.org/mail/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://www.cowrie.org/mail/</guid><description>If you&rsquo;d like to join our mailing list, please sign up here!
Your data will not be shared with third parties.
Subscribe * indicates required Email Address * First Name Last Name</description></item></channel></rss>