未加星标

Glastopf - Web Application Honeypot

字体大小 | |
[数据库(mysql) 所属分类 数据库(mysql) | 发布者 店小二03 | 时间 2016 | 作者 红领巾 ] 0人收藏点击收藏

Glastopf - Web Application Honeypot

I bought an old battered PC over the weekend with the goal of installing a honeypot. I had never installed a honeypot before so wasn't quite sure what to expect. At first I decided on Dionaea the succsesor to Nepenthes, I had heard great things about Nepenthes from a friend of mine ( Infosanity ). After going through the installation process, I couldn't get Dionaea to 'make' with the right python version detected (> 3.0), after about an hour of playing around I decided to give Glastopf a try.

Glastopf is a Honeypot which emulates thousands vulnerabilities to gather data from attacks targeting web applications. The principle behind it is very simple: Reply the correct response to the attacker exploiting the web application. The project has been kicked off by Lukas Rist around one year ago and the results we are got during this time are very promising and an incentive to put even more effort in the development of this unique tool.

Glastopf was very easy to install and configure, I simply downloaded the subversion trunk and ran it with "sudo python webserver.py". Glastopf was up and running however not configured. Glastopf gives you the option to save the honeypot logs to a mysql database, for this all you have to do is install MySQL and python-mysql, set up the database/tables and add the 'mysql.py' plugin to the configuration file. Glastopf provides you with the table structure already set out in the '/structure/log.sql' file, to import the file I used 'mysql-navigator' (sudo apt-get install mysql-navigator), mysql-navigator is a GUI client for MySQL, you can however just use the MySQL command line client.

All I had to do now was forward port 80 on my router to the machine with Glastopf running on it. I will now leave the machine running for a few days and hopefully come back with some statistics, which I will of course be posting and making pretty little graphs out of. :) If the initial statistics and hits are positive I will try to keep the honeypot running indefinitely and some how link the stats to the blog.

本文数据库(mysql)相关术语:navicat for mysql mysql workbench mysql数据库 mysql 存储过程 mysql安装图解 mysql教程 mysql 管理工具

主题: SQLMySQLPython
分页:12
转载请注明
本文标题:Glastopf - Web Application Honeypot
本站链接:http://www.codesec.net/view/481293.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 数据库(mysql) | 评论(0) | 阅读(34)