Help capture SSH Honeypot details and valid username and passwords used

Standard

Using this post, http://edgis-security.org/honeypot/kippo-01-getting-started/ , I have setup a SSH Honeypot with Kippo.
If you want, you can forward traffic from your own servers to mine and see the results of the SSH capture @ http://info.sethleedy.name/kippo/

Use this in your IPTables to forward your own port 22 traffic to mine @ IP 74.219.241.248 4.49.115.54.

Change ethernet device to match yours.

Remember to save your iptables for after reboot. iptables-save
Also, you better set this: sysctl net.ipv4.ip_forward=1 OR echo “1” > /proc/sys/net/ipv4/ip_forward

You can achive the same forwarding results by using
redir ( http://linux.die.net/man/1/redir )
or
socat ( http://linux.die.net/man/1/socat )
without making use of ip_forward, NAT and masquerading.

1,057 total views, 1 views today

Loading Comments…
more
Allowed HTML tags and attributes: <a href="" title=""> <blockquote> <code> <em> <strong>