rep / dionaea

dionaea low interaction honeypot (forked from dionaea.carnivore.it)
GNU General Public License v2.0

Dionaea downloads table is missing!! #7

Open crazy-coder opened 9 years ago

crazy-coder commented 9 years ago

Hello,

I'm working on my honeypot-in-the-cloud master's project. I use an EC2 cloud instance as the hardware, and on the OS side I use Ubuntu 14.04.1 LTS Trusty.

I installed Dionaea and use DionaeaFR for the data visualization. When I go to the DionaeaFR web page to see my data, I receive an "Operation error" saying that the "downloads" table is missing.

The logsql.sqlite file is missing!! After I did my investigation I found this table falls under the Dionaea honeypot, and I found the script to build the table. But my question is:

Why did this table never get built? What can I do to overcome this issue? Can someone give me some help here, please? I'm so stressed and worried, this is my master's project and I need to send it in less than a month's time...

Thanks in advance

katkad commented 9 years ago

Hello, both the logsql file and the downloads table should be created automatically. I delete the file when it's big, and it is re-created.

Do you use this dionaea at GitHub?

Here is the code: https://github.com/rep/dionaea/blob/master/modules/python/scripts/logsql.py#L275-282

Reading your question again, it's probably DionaeaFR which is missing the downloads table, so I'd investigate DionaeaFR: where does it look for logsql.sqlite, and so on.

katkad commented 9 years ago

It takes the file location from settings: https://github.com/rubenespadas/DionaeaFR/blob/master/DionaeaFR/settings.py#L18. I suggest copying the file to the DionaeaFR server.

And you should have logsql turned on: https://github.com/rep/dionaea/blob/master/conf/dionaea.conf.dist#L474 (not commented out as in the default).

crazy-coder commented 9 years ago

The Dionaea I'm using is dionaea-phibo, following this tutorial: http://www.cyberbrian.net/2014/09/install-dionaea-ubuntu-14-04/#comment-175

For me the directory /opt/dionaea/var/dionaea/logsql.sqlite is not correct, as, for some unknown reason (perhaps some steps I did during the installation), I have /opt/dionaea/var/lib, include and bin folders. So in my settings.py I put the name value as 'NAME': ' /usr/lib/dionaea/python/dionaea' because here I have the .py files. The logsql line is not commented, though.
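
A check for the question raised in this thread of where DionaeaFR looks for logsql.sqlite, added here as an example that is not part of the original discussion or of either project's code: it verifies that the value configured as NAME in settings.py is a real SQLite file that contains the downloads table. The helper name `check_logsql` and the command-line usage are assumptions made for illustration.

```python
import contextlib
import os
import pathlib
import sqlite3
import sys

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of every SQLite 3 file


def check_logsql(path, required=("downloads",)):
    """Return (ok, reason) for the database path DionaeaFR is pointed at.

    check_logsql is a hypothetical helper, not part of dionaea or DionaeaFR.
    """
    if path != path.strip():
        return False, "path has leading or trailing whitespace"
    if os.path.isdir(path):
        return False, "path is a directory, not a database file"
    if not os.path.isfile(path):
        return False, "file does not exist (is logsql enabled in dionaea.conf?)"
    with open(path, "rb") as fh:
        if fh.read(16) != SQLITE_MAGIC:
            return False, "file is empty or not an SQLite 3 database"
    # Open read-only so this check can never create or modify a database;
    # a default connect() creates an empty file when the path does not exist.
    uri = pathlib.Path(path).resolve().as_uri() + "?mode=ro"
    with contextlib.closing(sqlite3.connect(uri, uri=True)) as conn:
        rows = conn.execute("SELECT name FROM sqlite_master WHERE type='table'")
        present = {name for (name,) in rows}
    missing = sorted(set(required) - present)
    if missing:
        return False, "missing table(s): " + ", ".join(missing)
    return True, "ok"


if __name__ == "__main__":
    # Pass the value of 'NAME' from DionaeaFR's settings.py as the argument.
    if len(sys.argv) != 2:
        sys.exit("usage: check_logsql.py <value of NAME in settings.py>")
    ok, reason = check_logsql(sys.argv[1])
    print(("OK: " if ok else "FAIL: ") + reason)
    sys.exit(0 if ok else 1)
```

Run it as the same user the DionaeaFR web process runs as, so that file permission problems show up as well.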