Set up various honeypot servers
- iplog - TCP/IP traffic logger.
- Cowrie - SSH and Telnet honeypot (port 22, 23).
- Mailoney - SMTP-AUTH honeypot (port 587).
- Postfix - SMTP open relay mail server (port 25).
- Wordpot - Wordpress honeypot (port 80 via Nginx).
- UDPot - DNS honeypot (port 53).
- CentOS 7.x
- sshd is running without port 22
- Ansible 2.2+
For local development environment:
- VirtualBox
- Vagrant 1.5+
First of all, install CentOS 7.x to the server.
Change ssh port in /etc/ssh/sshd_config.
Port 10022
Create Ansible inventory file.
$ ${EDITOR} production/inventory
[default]
honeypot.example.com ansible_user=root ansible_port=10022
Run ansible playbook.
$ ansible-playbook -i production/inventory site.yml
Run ansible playbook.
$ vagrant up
$ vagrant provision
- iplog:
/var/log/iplog/iplog - cowrie log:
/var/log/cowrie/ - UDPot log:
/var/log/udpot/db.sqlite3 - Maildir:
/home/honeypot/Maildir/new/ - webmail: http://honeypot.example.com:10081/
- password:
/home/honeypot/.password
- password: