SSH honeypot built with Cowrie with some extension modules:
This project is implemented as infrastructure as code using Packer, so most of the image creation is automated. The images created are up to date and contain all the packages needed for this project. After the images are created, they are then used by Packer to run as containers. The system in this project consists of a honeypot container, an attacker container, and a simple nginx container.
First, we use Packer to create custom images for our honeypot and attacker machines. After the images are created, we run them as Docker containers. Once the containers are running, we need to set up our honeypot. After everything is set up, we can try to attack our honeypot container from the attacker container.
Docker, Git, and Packer must be installed before installing this project.
Please make sure that the Docker engine is running.
We need 3 terminals (on Windows, preferably with WSL):
1st Terminal: Deployment
git clone https://github.com/dam-du/SECT_Bachelorprojekt.git
cd SECT_Bachelorprojekt/
./build.sh
This builds our infrastructure with Packer and creates the containers.
2nd Terminal: Starting cowrie on honeypot's container
docker exec -it -u cowrie honeypot_container /bin/bash
./cowrie.sh
This script starts Cowrie. After Cowrie is running, enter exit
and
2nd Terminal: Activating modules on honeypot's container
docker exec -it honeypot_container /bin/bash
./activate_mods.sh
This starts all extension modules for the honeypot (normal).
./xactivate_mods.sh
This starts all extension modules and pushes all network traffic to the log.
3rd Terminal: Attack testcases
docker exec -it attacker_container /bin/bash
/testcase/
Run ./clean.sh to stop and remove all containers and images associated with the project.