How To Install Kippo - Community Menu 8 How To Install...

Info icon This preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
± Community C 8 How To Install Kippo, an SSH Honeypot, on an Ubuntu Cloud Server Jun 20, 2013 Security Ubuntu Introduction Kippo is a SSH honeypot tool writen in Python that can log brute force attacks and the shell interaction performed by the said attacker. In this tutorial, I will show you how to setup Kippo and also how to add a simple solution which can help prevent brute force attacks on your cloud server. Some interesting features that Kippo provides: Fake filesystem with the ability to add/remove files. A full fake filesystem resembling a Debian 5.0 installation is included Possibility of adding fake file contents so the attacker can 'cat' files such as /etc/passwd. Only minimal file contents are included Session logs stored in an UML compatible format for easy replay with original timings Just like Kojoney, Kippo saves files downloaded with wget for later inspection Trickery; ssh pretends to connect somewhere, exit doesn't really exit, etc As qoute by desaster , creater of Kippo, "By running kippo, you're virtually mooning the attackers. Just like in real life, doing something like that, you better know really well how to defend yourself!" G Menu
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
If you wish to learn more about kippo, please click here. Please note: This guide assumes you already know how to create a cloud server. If not, please follow this guide before continuing. Furthermore, this is based on a fresh installation of Ubuntu 12.10 x32 server. Step 1: Access and Update/Upgrade Your Ubuntu Cloud Server Log into your cloud server with SSH: ssh [email protected]_IP_HERE Input the following commands: apt-get update and apt-get upgrade Step 2: Changing the SSH port Kippo logs everything that has been accessed via port 2222. But most automated tools which are used by hackers, default SSH to port 22. Thus, it would be a good idea to make kippo listen to port 22 instead. To do this, we need to change the port which your server uses for SSH. It is also good practice to change your SSH port for security issues, but you have to remember this when dealing with other 3rd party programs. From now on, I will be using vi as my text editor. If you use something else like nano, just replace vi with nano. vi /etc/ssh/sshd_config
Image of page 2
You should see the file below: We need to change the port number to something else. In this example, it will be 8925. # What ports, IPs and protocols we listen for Port 8925 This should be the expected outcome. Save the file and exit into your terminal. We need to restart SSH. Input: reload ssh
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Step 3: Installing Dependencies We need to install kippo's dependencies. Here are the following commands: Now we are going to use 'subversion' to download kippo: :-$ apt-get install subversion Step 4: Creating the Kippo User We add the user, setting the home directory to /home/kippo, the default login shell to /bin/bash then create the home directory. Finally we give this user sudo privileges: useradd -d /home/kippo -s /bin/bash -m kippo -g sudo
Image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern