search

shiva-spampot / shiva

Spam Honeypot with Intelligent Virtual Analyzer
MIT License
132 stars 37 forks source link

Is Shiva works? How to test it from remote location? #28

Open kont45 opened 6 years ago

kont45 commented 6 years ago

I hope that I configured the honeypot correctly. I'm using a Python script to test honeypot from localhost. And it works. We can see in the logs:

2018-04-11 09:19:22,085 - root - DEBUG - Pulled message with key: '1523431157.M154179P9513Q2-212.X.X.X-shiva-none' off
2018-04-11 09:19:22,088 - root - CRITICAL - Inside Attachment handling
2018-04-11 09:19:22,088 - root - CRITICAL -     [+]Fixing Padding for Attachment if needed
2018-04-11 09:19:22,089 - root - INFO - [+]Inside shivadecide module.
2018-04-11 09:19:22,089 - root - INFO - Inside shivaaddnewrecord Module.
2018-04-11 09:19:22,089 - root - INFO - [+]shivaaddnewrecord Module: Adding recipient to whitelist and relaying
2018-04-11 09:19:22,089 - root - INFO - key: ab3fc69a590ebf0cc0d1f13cd70f3d89, value: ['b0nd.g4h@gmail.comm']
2018-04-11 09:19:22,089 - root - INFO - key: spammers_email, value: []
2018-04-11 09:19:22,089 - root - INFO - key: d32d96409e1725b21040b07a0b70fed3, value: ['test@gmail.com']
2018-04-11 09:19:22,090 - root - DEBUG - Message received from Peer: '/home/test/shiva-installer/shiva/queue/', From: u'From Person <me@fromdomain.net>', to To [u'test$2018-04-11 09:19:22,091 - routing - DEBUG - Matched u'test@gmail.com' against START.
2018-04-11 09:19:22,091 - routing - DEBUG - Message to set([u'test@gmail.com']) was handled by app.handlers.sample.START
2018-04-11 09:19:22,091 - routing - DEBUG - Matched u'test@gmail.com' against FORWARD.
2018-04-11 09:19:22,103 - routing - DEBUG - Message to set([u'test@gmail.com']) was handled by app.handlers.sample.FORWARD
2018-04-11 09:19:22,103 - root - DEBUG - Removed '1523431157.M154179P9513Q2-212.X.X.X-shiva-none' key from queue.

I am trying to log in from a remote location using the telnet command. Seems that it is not working, so a potential spammers couldn't login into my server:

Microsoft Telnet> open 212.X.X.X 25
Connecting To 212.X.X.X...Could not open connection to the host, on port 25: Connect failed

My server use a static IP and public.

Any tips?

b0nd commented 6 years ago

Hi, Please check the configuration file for listening port https://github.com/shiva-spampot/shiva/blob/master/helpers/shiva.conf#L14

kont45 commented 6 years ago

I've setup port on 25 and I have a lot, a lot, a lot! message. Disk with size 25GB has been fulled up on 50% more that 12h. So I think that my configuration is correct.