thinkst / opencanary

Modular and decentralised honeypot
http://opencanary.org
BSD 3-Clause "New" or "Revised" License
2.31k stars 360 forks source link

Logging Error #206

Closed BirkeP closed 2 years ago

BirkeP commented 2 years ago

Hello,

I am quite interested in your project and have been tinkering with getting it to work for quite some hours now.

So to set the stage: I using a Raspberry Pi 4B 4Gig Ram, been testing with Ubuntu 18.04, 20.04 and 22.04, only with 18.04 i didn't get a Failed to build cryptography wheel error.

Now i have a working service, that logs service (ab)use, but it fails to send alerts over SMTP. I get the following error when starting the service and i wonder, what others check are there then checking the convention of a mail address.

I also added the top half of my config, which is the only part i've actually edited. Canaryconf.txt

I hope you will get back to me with any hints to fixing this 👯

Ps. I've redacted sensitive information and replaced by an X

(env) Webserver@X:~$ opencanaryd --start ** We hope you enjoy using OpenCanary. For more open source Canary goodness, head over to canarytokens.org. ** [-] Using config file: opencanary.conf --- Logging error --- Traceback (most recent call last): File "/usr/lib/python3.8/logging/handlers.py", line 1021, in emit smtp.send_message(msg) File "/usr/lib/python3.8/smtplib.py", line 979, in send_message return self.sendmail(from_addr, to_addrs, flatmsg, mail_options, File "/usr/lib/python3.8/smtplib.py", line 894, in sendmail raise SMTPRecipientsRefused(senderrs) smtplib.SMTPRecipientsRefused: {'X@gmail.com': (550, b'Invalid recipient: <X@gmail.com>')} Call stack: File "/home/Webserver/env/bin/twistd", line 8, in <module> sys.exit(run()) File "/home/Webserver/env/lib/python3.8/site-packages/twisted/scripts/twistd.py", line 31, in run app.run(runApp, ServerOptions) File "/home/Webserver/env/lib/python3.8/site-packages/twisted/application/app.py", line 674, in run runApp(config) File "/home/Webserver/env/lib/python3.8/site-packages/twisted/scripts/twistd.py", line 25, in runApp runner.run() File "/home/Webserver/env/lib/python3.8/site-packages/twisted/application/app.py", line 381, in run self.application = self.createOrGetApplication() File "/home/Webserver/env/lib/python3.8/site-packages/twisted/application/app.py", line 453, in createOrGetApplication application = getApplication(self.config, passphrase) File "/home/Webserver/env/lib/python3.8/site-packages/twisted/application/app.py", line 464, in getApplication application = service.loadApplication(filename, style, passphrase) File "/home/Webserver/env/lib/python3.8/site-packages/twisted/application/service.py", line 416, in loadApplication application = sob.loadValueFromFile(filename, 'application') File "/home/Webserver/env/lib/python3.8/site-packages/twisted/persisted/sob.py", line 177, in loadValueFromFile eval(codeObj, d, d) File "/home/Webserver/env/bin/opencanary.tac", line 145, in <module> start_mod(application, klass) File "/home/Webserver/env/bin/opencanary.tac", line 101, in start_mod logMsg({'logdata': msg}) File "/home/Webserver/env/bin/opencanary.tac", line 121, in logMsg logger.log(data, retry=False) File "/home/Webserver/env/lib/python3.8/site-packages/opencanary/logger.py", line 175, in log self.logger.warn(json.dumps(logdata, sort_keys=True)) Message: '{"dst_host": "", "dst_port": -1, "local_time": "2022-07-25 08:59:16.714640", "local_time_adjusted": "2022-07-25 08:59:16.714725", "logdata": {"msg": {"logdata": "Added service from class CanaryFTP in opencanary.modules.ftp to fake"}}, "logtype": 1001, "node_id": "WebProd12", "src_host": "", "src_port": -1, "utc_time": "2022-07-25 08:59:16.714705"}'Arguments: () {"dst_host": "", "dst_port": -1, "local_time": "2022-07-25 08:59:16.714640", "local_time_adjusted": "2022-07-25 08:59:16.714725", "logdata": {"msg": {"logdata": "Added service from class CanaryFTP in opencanary.modules.ftp to fake"}}, "logtype": 1001, "node_id": "WebProd12", "src_host": "", "src_port": -1, "utc_time": "2022-07-25 08:59:16.714705"}

jayjb commented 2 years ago

Hi @BirkeP,

Thanks for giving Opencanary a shot. Looking at your config file, and the exception you provided (thanks!), it looks like the credentials you have added for the SMTP service are invalid.

Essentially, this line

smtplib.SMTPRecipientsRefused: {'X@gmail.com': (550, b'Invalid recipient: <X@gmail.com>')}

is telling us that it tried to send an email alert but failed because the recipient user X@gmail.com, is invalid.

For SMTP to work, you would need to make sure that your SMTP setup has valid details throughout (you can read more about it over here)

Please let me know if this helps at all.

BirkeP commented 2 years ago

@jayjb

Thank you for getting back to my issue to so fast! It issue was on the Smtp server i was using and now it is running!

I will not try and fine tune it to my needs, as it send me a good 15 emails in the span of minutes :D