mirror of
https://github.com/vimagick/dockerfiles
synced 2024-06-28 17:51:24 +00:00
44 lines
745 B
Markdown
44 lines
745 B
Markdown
![]() |
cowrie
|
||
|
======
|
||
|
|
||
|
[`Cowrie`][1] is a medium interaction SSH honeypot designed to log brute force attacks
|
||
|
and, most importantly, the entire shell interaction performed by the attacker.
|
||
|
|
||
|
`Cowrie` is directly based on [`Kippo`][2] by Upi Tamminen (desaster).
|
||
|
|
||
|
## docker-compose.yml
|
||
|
|
||
|
```
|
||
|
cowrie:
|
||
|
image: vimagick/cowrie
|
||
|
ports:
|
||
|
- "2222:2222"
|
||
|
volumes:
|
||
|
- log:/home/cowrie/log
|
||
|
restart: always
|
||
|
```
|
||
|
|
||
|
## server
|
||
|
|
||
|
```
|
||
|
$ cd ~/fig/cowrie
|
||
|
$ tree -F
|
||
|
.
|
||
|
├── docker-compose.yml
|
||
|
└── log/
|
||
|
└── tty/
|
||
|
$ docker-compose up -d
|
||
|
$ tail -f log/cowrie.log
|
||
|
```
|
||
|
|
||
|
## client
|
||
|
|
||
|
```
|
||
|
$ ssh -p 2222 root@server
|
||
|
```
|
||
|
|
||
|
> You can login as `root:root` or `root:123456`.
|
||
|
|
||
|
[1]: https://github.com/micheloosterhof/cowrie
|
||
|
[2]: http://github.com/desaster/kippo/
|