TKK_E32211977/README.md


Honeypot Cowrie

ssh

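# Install the real OpenSSH server. It has to move off port 22, because
# port 22 is handed to the Cowrie honeypot later in this guide.
sudo apt install openssh-server

# Edit the "Port" directive here: pick the new (real) SSH port.
sudo nano /etc/ssh/sshd_config

# Check the edited file before restarting. A syntax error would keep sshd
# from coming back up and cut off remote administration.
sudo sshd -t && sudo systemctl restart sshd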

honeypot

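# Bring the host up to date and install Cowrie's build/runtime dependencies.
sudo apt update && sudo apt upgrade -y
sudo apt-get install git python3-virtualenv libssl-dev libffi-dev build-essential libpython3-dev python3-minimal authbind virtualenv
sudo apt install python3-venv && sudo apt install python-is-python3

# Dedicated unprivileged account with no password: the honeypot never runs
# as root or as a login user.
sudo adduser --disabled-password cowrie

# "su -" starts a login shell in /home/cowrie, so the clone lands in
# /home/cowrie/cowrie, the path the configuration step expects.
# Everything below is typed inside that shell.
sudo su - cowrie

# Fetch over HTTPS so the code that is about to be installed and run cannot
# be altered in transit.
git clone https://github.com/cowrie/cowrie
cd cowrie

# Isolated Python environment for Cowrie.
python -m venv cowrie-env
source cowrie-env/bin/activate

# "&&" rather than "&": pip must finish upgrading itself before it is used
# to install the requirements, and a failed upgrade should stop the sequence.
python -m pip install --upgrade pip && python -m pip install --upgrade -r requirements.txt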

konfigurasi

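# Still in the cowrie user's shell: create the working configuration.
cd /home/cowrie/cowrie/etc
# userdb.example sits in this same etc/ directory of the checkout; the
# absolute path /cowrie/etc/... does not exist.
cp cowrie.cfg.dist cowrie.cfg && cp userdb.example userdb.txt

# Change the hostname, then add the Telegram bot API token and chat id.
nano cowrie.cfg
# cowrie.cfg now holds the bot token: keep it readable by cowrie only.
chmod 600 cowrie.cfg

# Leave the cowrie shell; the rest needs sudo from the admin account.
exit

# authbind lets the unprivileged cowrie user bind TCP port 22 without root.
sudo apt-get install authbind
sudo touch /etc/authbind/byport/22
sudo chown cowrie:cowrie /etc/authbind/byport/22
sudo chmod 770 /etc/authbind/byport/22

# supervisor keeps Cowrie running; its program definition goes in this file,
# which is root-owned, hence sudo.
sudo apt install supervisor -y
sudo nano /etc/supervisor/conf.d/cowrie.conf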

Port Knocking

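# Port knocking hides the real SSH port until the knock sequence is sent.
# Set SSH_PORT to the port configured in /etc/ssh/sshd_config first.
: "${SSH_PORT:?set SSH_PORT to the SSH port chosen in sshd_config}"

sudo apt install knockd

# In this file set START_KNOCKD=1 and KNOCKD_OPTS="-i <network interface>".
sudo nano /etc/default/knockd

# Replace "--dport 22" with the real SSH port.
# NOTE(review): if the open command appends its ACCEPT with "-A INPUT", it
# lands after the REJECT rule below and never matches; "-I INPUT" puts it in
# front. Verify against your knockd.conf. Also replace the packaged example
# knock sequence with your own, since the shipped one is public.
sudo nano /etc/knockd.conf

sudo systemctl start knockd && sudo systemctl enable knockd

# Keep already-established sessions (including the current SSH login) alive,
# then refuse new connections to the SSH port until a knock opens it.
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport "$SSH_PORT" -j REJECT

# Persist the rules across reboots. The redirect must run as root, hence tee.
# These rules are IPv4 only; a host reachable over IPv6 needs the matching
# ip6tables rules as well.
sudo apt install iptables-persistent
sudo iptables-save -c | sudo tee /etc/iptables/rules.v4 >/dev/null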

Snort

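# Build directory for the Snort data-acquisition library (DAQ).
mkdir snort && cd snort
sudo apt install -y gcc libpcre3-dev zlib1g-dev libluajit-5.1-dev libpcap-dev openssl libssl-dev libnghttp2-dev libdumbnet-dev bison flex libdnet autoconf libtool

wget https://snort.org/downloads/snort/daq-2.0.7.tar.gz
# Print the archive digest and compare it with a value obtained from a
# trusted source before building: the build ends in "sudo make install",
# so a tampered archive would run as root.
sha256sum daq-2.0.7.tar.gz

tar -xvzf daq-2.0.7.tar.gz && cd daq-2.0.7
autoreconf -f -i
./configure && make && sudo make install

# Snort itself comes from the distribution package.
sudo apt install snort -y

# Main configuration, local rules, nmap detection rules, Debian defaults.
sudo nano /etc/snort/snort.conf
sudo nano /etc/snort/rules/local.rules
sudo nano /etc/snort/rules/nmap.rules
sudo nano /etc/snort/snort.debian.conf

# -T only tests the configuration and rules, then exits; fix any error it
# reports before running Snort for real.
sudo snort -T -c /etc/snort/snort.conf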

telegram

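Buat bot Telegram dengan BotFather, lalu kirim pesan ke bot yang sudah dibuat untuk mendapatkan chat id:

https://api.telegram.org/bot(token bot anda)/getUpdates

Uji pengiriman pesan:

https://api.telegram.org/bot(token bot)/sendMessage?chat_id=(chat id)&text=Coba aja

Token bot berfungsi seperti kata sandi dan ikut tercatat di riwayat browser saat URL di atas dibuka; jangan simpan token di repositori.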

konfigurasi telegram

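# Third-party script that forwards Snort alerts to Telegram. Read it before
# running it: it is unreviewed code that will handle the bot token.
git clone https://github.com/gagaltotal/Snort-Bot-Telegram-Shell
cd Snort-Bot-Telegram-Shell

# Owner-only instead of 777: a world-writable script could be modified by any
# local user and would then run with your privileges.
# NOTE(review): presumably the edit below places the bot token in this file,
# which is a second reason to keep it unreadable to others. Confirm.
chmod 700 bot-tele.sh
nano bot-tele.sh

# This path belongs to the Cowrie checkout, not to this repository.
sudo -u cowrie nano /home/cowrie/cowrie/src/cowrie/output/telegram.py

# Start the bot from its own directory (replace $HOME if it was cloned elsewhere).
cd "$HOME/Snort-Bot-Telegram-Shell"
./bot-tele.sh

# Run Snort on the capture interface and write console alerts to the log.
# NOTE(review): interface name and log path are host-specific; the log path
# presumably has to match what bot-tele.sh reads. Verify.
sudo snort -i enp0s3 -c /etc/snort/snort.conf -l /var/log/snort -d -A console > /home/kz/log-tele.txt

# Cockpit web console for administration.
sudo apt install cockpit
sudo systemctl start cockpit && sudo systemctl enable cockpit

# This opens the admin console to every source address. To limit it to a
# management network, use a source-restricted rule instead, e.g.
#   sudo ufw allow from 192.0.2.0/24 to any port 9090 proto tcp   # constructed example subnet
sudo ufw allow 9090/tcp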

mikrotik

konfigurasi awal mikrotik (cari aja di google)

open vpn mikrotik

Buka https://web.tunnel.my.id/, buat akun, lalu buat profil VPN. Konfigurasi NAT buat port forwarding.