thinkst / opencanary

Modular and decentralised honeypot
http://opencanary.org
BSD 3-Clause "New" or "Revised" License
2.34k stars 363 forks source link

New services installation and alert. #52

Closed cchauhan14 closed 5 years ago

cchauhan14 commented 6 years ago

Do we need to install any dependencies for new services (SIP, Git), i tried multiple tools to generate traffic for these services on server but i'm not getting logs and alerts. Could you please share some information how we can test these services or which dependencies are required to function these services.

thinkst commented 6 years ago

Hey @cchauhan14,

Sorry to hear you having an issue. Lets see if we can figure this out. Would you mind confirming the following: 1) you can see that the git (9418) and sip (5060) ports are in use when opencanary is running? This will let us know if the protocol are up. 2a) if not, please make sure they are enabled in your configuration file over at ~/.opencanary.conf. 2b) if so, to test git, you can use your normal commandline git cli such as git clone git://<ip_address of opencanary>/testrepo

Please let me know if this works, otherwise we can keep digging

cchauhan14 commented 5 years ago

Yes, git (9418) and sip (5060) ports are up and i can access git successfully, but for SIP i'm unable to find anything to test this service. Could you please suggest a way to test opencanary SIP service.

Thank you Chandan

thinkst commented 5 years ago

Hey @cchauhan14,

Sorry for the delay in my response.

We have tested the SIP module previously using a program called sipvicious. It comes with a python script called svmap.py. You can aim that at your OpenCanary IP and check if it generates alerts.