February 7, 2012

Artillery 0.3 Alpha Released – A Honeypot Coded by ReL1K #Tools


Dave Kennedy (a.k.a. ReL1K) of secmaniac.com has just released Artillery 0.3 Alpha, a honeypot, monitoring, prevention and intrusion detection tool for protecting Linux servers and systems. The new alpha release adds SMTP support and more descriptive ban messages, among other changes.

###########################

Below is the complete changelog

###########################
* added a check for ssh brute force on or off
* fixed a bug that referenced iptables chain INPU instead of ARTILLERY
* added the artillery chain to INPUT each time artillery starts
* cleaned up some old code in honeypot.py that was no longer needed
* added better descriptions around why a specific IP address would be blocked
* added timestamp data to when IP addresses are blocked in both email notifications as well as standard log under /var/artillery/log/
* added support for SMTP versus just gmail
* added a check in artillery for ssh brute on or off

To install Artillery, type this in your terminal:
svn co http://svn.secmaniac.com/artillery artillery/

cd artillery

chmod +x installer.py

./installer.py


To configure the settings for monitoring your system using artillery, you can edit the configuration file under /var/artillery/config.
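
The changelog above says Artillery keeps its blocks in its own iptables chain, ARTILLERY, and adds that chain to INPUT each time it starts. The shell check below is an added example, not part of the original post or of Artillery's code: it reads iptables -S output and reports whether the chain exists and is hooked into INPUT. The sample rules are constructed, and the form of a block rule (-s <addr> -j DROP inside the chain) is an assumption.

```shell
#!/bin/sh
# Added example: verify the ARTILLERY chain wiring from `iptables -S` output.
# Rules are read on stdin so the check also works on saved output, offline.

# Prints one status word: ok | no-chain | not-hooked
check_artillery_chain() {
    awk '
        $1 == "-N" && $2 == "ARTILLERY" { chain = 1 }
        # a jump from INPUT to ARTILLERY, regardless of other match options
        $1 == "-A" && $2 == "INPUT" {
            for (i = 3; i < NF; i++)
                if (($i == "-j" || $i == "-g") && $(i+1) == "ARTILLERY") hooked = 1
        }
        END {
            if (!chain) print "no-chain"
            else if (!hooked) print "not-hooked"
            else print "ok"
        }'
}

# Prints the source addresses that have a DROP rule in the ARTILLERY chain.
# Assumption: blocks are stored as "-s <addr> -j DROP" rules in that chain.
list_blocked() {
    awk '$1 == "-A" && $2 == "ARTILLERY" {
        src = ""; drop = 0
        for (i = 3; i < NF; i++) {
            if ($i == "-s") src = $(i+1)
            if ($i == "-j" && $(i+1) == "DROP") drop = 1
        }
        if (src != "" && drop) print src
    }'
}

# Constructed sample of `iptables -S` output (documentation-range addresses).
SAMPLE_RULES='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N ARTILLERY
-A INPUT -j ARTILLERY
-A ARTILLERY -s 203.0.113.5/32 -j DROP
-A ARTILLERY -s 198.51.100.77/32 -j DROP'

printf '%s\n' "$SAMPLE_RULES" | check_artillery_chain
printf '%s\n' "$SAMPLE_RULES" | list_blocked
```

On a live host, run it as root with: iptables -S | check_artillery_chain. A result of not-hooked means the chain exists but INPUT never jumps to it, so its rules are never evaluated.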
