History

kev a89af75691 update cowrie		2017-11-05 21:12:30 +08:00
..
arm	update cowrie	2017-11-05 21:12:30 +08:00
Dockerfile	update cowrie	2017-11-05 21:06:52 +08:00
README.md	update cowrie	2017-11-05 21:12:30 +08:00
docker-compose.yml	update cowrie	2017-11-05 21:12:30 +08:00

README.md

cowrie

Cowrie is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.

Cowrie is directly based on Kippo by Upi Tamminen (desaster).

docker-compose.yml

cowrie:
  image: vimagick/cowrie
  ports:
    - "2222:2222"
    - "2223:2223"
  volumes:
    - ./data/dl:/home/cowrie/dl
    - ./data/log:/home/cowrie/log
  restart: always

server

$ cd ~/fig/cowrie
$ mkdir -p data/dl data/log/tty
$ chmod -R 777 data
$ tree -F
.
├── docker-compose.yml
├── dl/
└── log/
    └── tty/
$ docker-compose up -d
$ tail -f log/cowrie.log

client

$ ssh -p 2222 root@server
$ telnet server 2223

You can login as root with any password except root or 123456.