honeymap
commented
11 years ago a little more info - in the hpfriends web portal, the error log states:
Message: Authkey not allowed to subscribe here. Channel: geoloc.events
Open honeymap opened 11 years ago
honeymap
commented
11 years ago a little more info - in the hpfriends web portal, the error log states:
Message: Authkey not allowed to subscribe here. Channel: geoloc.events
heipei
commented
11 years ago Yeah, looks like you didn't configure the authkey in your setup to be able to subscribe to geoloc.events. Have a look here on how to do that: http://heipei.github.io/2013/05/11/Using-hpfriends-the-social-data-sharing-platform/#authkeys
honeymap
commented
11 years ago Thanks.
so subscribe to geoloc.events. that seem to fix that error. now to figure out why the map is not displaying...
fw42
commented
11 years ago Our main honeypot is down at the moment, so the number of hits on the honeymap is pretty low at the moment.
honeymap
commented
11 years ago Thanks for the update fw42!
I'd like to run this in a sandboxed environment with zero internet access -- (testing functionality)
To do so, I was planning on running my own honeymap server, and dionaea server. It looks like I would also need to emulate the hpfriends services -- is this something I can do with the hpfeeds distribution on github? Super complex, or you think it would be fairly straight forward?
katkad
commented
11 years ago hi,
should be map working at the moment ? (i mean local instances, not http://map.honeynet.org/)
i am running local instance, and no data shows wireshark shows just (what i suppose is) initial connection to hpfriends.honeycloud.net and then i don't see any communication
i tried this last week, also no data on honeymap, but hpfriends.honeycloud.net was transmitting data like: bytes_received: 211120126 bytes_sent: 9262638 published: 521662 received: 27956
any way to debug this ? i do not see any logs
fw42
commented
11 years ago Hi,
if your setup is correct, you should see the same data as our honemap (http://map.honeycloud.net/), which is not a lot at the moment, since our honeypot is down due to hardware issues. But you should see a few events a minute at least I guess. If you want more, please consider contributing and hosting your own honeypot (and submitting your events to hpfriends).
Flo
honeymap
commented
11 years ago Flo,
Is there a way to running your own copy of hpfriends (is this compiling hpfeeds off of git?), or is this currently not recommended? I'd like to run in a sandbox (no internet connection to use as a internal test tool)
fw42
commented
11 years ago hpfriends is not open-sourced yet, sorry. Don't know how hard it would be to run hpfeeds on your own. @rep would know.
katkad
commented
11 years ago now i get it i have to publish geoloc.events via https://github.com/rep/hpfeeds/blob/master/examples/geoloc/geoloc.py and data shows
i see just data from our honeypots, probably because noone is sharing their data with me (i am using my ident and secret, maybe there is global one for this, which i don't know)
can you mention it in README so other people would avoid no data in their honeymaps ?
RKStevens
commented
10 years ago Iam trying to get a local instance running as well. I am connected to the backend on both dionaea and the honeymap. Where does geoloc.py come into play.
katkad
commented
10 years ago hello
1, download https://github.com/rep/hpfeeds/tree/master/examples/geoloc along with https://github.com/rep/hpfeeds/tree/master/lib into one directory 2, edit https://github.com/rep/hpfeeds/blob/master/examples/geoloc/geoloc.py with your credentials 3, run https://github.com/rep/hpfeeds/blob/master/examples/geoloc/geoloc.py along with honeymap server
geoloc publishes geoloc events, which are displayed on the map
RKStevens
commented
10 years ago Thanks kat! After a few issues with importing GeoIP, I finally got geoloc.py running with my credentials but still no data on the map?
katkad
commented
10 years ago it seems there is problem with broker. I can not authenticate. there are no events on http://map.honeynet.org/ too. I already contacted the right people.
r3k2
commented
8 years ago is this still broken? I just try the link and no data..
katkad
commented
8 years ago Hi, I guess it is down currently. I asked on ML, but no answer so far. Last event I received is from 2016-02-16 08:33:40.969085 CET +0000 .
r3k2
commented
8 years ago is there a way to get the main data to show on my honeymap instead of just my data? I think this is a threat related to that but not 100% sure.. if indeed is.. is there a howto somewhere? thanks! i'm using MHN server.
fw42
commented
8 years ago As far as I know, the broker is not down, it's just that nobody is sharing any honeypot data anymore via hpfeeds. One of the biggest honeypots (RWTH Aachen University) was shut down.
r3k2
commented
8 years ago hmm I could share my data. I dont mind is not private, my personal honey pots are just for my own research.
katkad
commented
8 years ago @ChrisFernandez hi, you can sign up here (with your github account for example) http://hpfriends.honeycloud.net/#/home create keys, and share the data
But data distribution does not work. That's why I guess the broker is down. When data distribution will be OK, you should see something here https://honeymap.cz/ . I had no time to setup our own solution, so data on it is distributed through The Honeynet Project broker.
r3k2
commented
8 years ago Hello Katarine.. I don't see any link on that site to be able to register...
El mié., 2 mar. 2016 a las 1:46, Katarina Durechova (< notifications@github.com>) escribió:
@ChrisFernandez https://github.com/ChrisFernandez hi, you can sign up here (with your github account for example) http://hpfriends.honeycloud.net/#/home create keys, and share the data
But data distribution does not work. That's why I guess the broker is down. When data distribution will be OK, you should see something here https://honeymap.cz/ . I had no time to setup our own solution, so data on it is distributed through The Honeynet Project broker.
— Reply to this email directly or view it on GitHub https://github.com/fw42/honeymap/issues/9#issuecomment-191160183.
http://hispagatos.org http://binaryfreedom.info Free Software Foundation The Linux Foundation Electronic Frontier Foundation DefCon 617 user group I2p Network LibrePlanet rek2wilds, BBK https://twitter.com/B1naryFreed0m https://www.linkedin.com/in/chfernandez
katkad
commented
8 years ago Oh, really. There is no sign-in button now. I didn't notice before.
fw42
commented
8 years ago @rep might be able to answer those questions
r3k2
commented
8 years ago Thanks @katkad @fw42 hopefully @rep responds, I'm very interested, I have no idea of coffeescript, nor JS, so going to pay someone to update the honeymap on my fork, also notice that one lib that honemap depends on is a golang(that I do know) lib that is checking the google code site, I fork that project and did the right changes and have pointed my own honeymap fork to use my lib fork. so now I have it working locally to be able to work on it (I currently have an production one but is from the MHN project so they already fixed that). https://pot.hispagatos.org:8443/
I have been looking on the honeymap/hpfriends/heipei github for directions on how to install a very basic setup of honeymap.
but when running server/server, I get the following error:
2013/08/15 14:56:19 Binding Honeymap webserver to 0.0.0.0:3000... 2013/08/15 14:56:19 Connecting to hpfeeds.honeycloud.net:20000... 2013/08/15 14:56:19 Connected to Hpfeeds server. 2013/08/15 14:56:19 Received error from server: Authkey not allowed to subscribe here.
any suggestions? Also, is there a way to run my own hpfeeds server? Is it just a matter of deploying a hpfeeds instance?
Project looks cool, but wish there was more documentation.