Add README.md
parent
a59d57cf0d
commit
56abf7dc91
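--- a/README.md
+++ b/README.md
@@ -0,0 +1,71 @@
+# Honeypot Cowrie
+# ssh
+apt install openssh-server
+sudo nano /etc/ssh/sshd_config (ganti port ssh)
+systemctl restart sshd
+# honeypot
+sudo apt update && sudo apt upgrade -y
+sudo apt-get install git python3-virtualenv libssl-dev libffi-dev build-essential libpython3-dev python3-minimal authbind virtualenv
+sudo apt install python3-venv && sudo apt install python-is-python3
+sudo adduser --disabled-password cowrie
+sudo su – cowrie
+git clone http://github.com/cowrie/cowrie
+cd cowrie
+python -m venv cowrie-env
+source cowrie-env/bin/activate
+python -m pip install --upgrade pip & python -m pip install --upgrade -r requirements.txt
+# konfigurasi
+cd /home/cowrie/cowrie/etc
+cp cowrie.cfg.dist cowrie.cfg && cp /cowrie/etc/userdb.example userdb.txt
+nano cowrie.cfg (ganti hostname, tambahkan api telegram dan chat id)
+exit
+sudo apt-get install authbind
+sudo touch /etc/authbind/byport/22
+sudo chown cowrie:cowrie /etc/authbind/byport/22
+sudo chmod 770 /etc/authbind/byport/22
+sudo apt install supervisor -y
+nano /etc/supervisor/conf.d/cowrie.conf
+# Port Knocking
+apt install knockd
+nano /etc/default/knockd (ganti menjadi seperti ini. start knockd=1 knockd_opt"- (interface network)")
+nano /etc/knockd.conf (ganti --dport 22 menjadi port ssh)
+systemctl start knockd && systemctl enable knockd
+sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+sudo iptables -A INPUT -p tcp --dport (port ssh) -j REJECT
+apt install iptables-persistent
+iptables-save -c > /etc/iptables/rules.v4
+# Snort
+mkdir snort && cd snort
+apt install -y gcc libpcre3-dev zlib1g-dev libluajit-5.1-dev libpcap-dev openssl libssl-dev libnghttp2-dev libdumbnet-dev bison flex libdnet autoconf libtool
+wget https://snort.org/downloads/snort/daq-2.0.7.tar.gz
+tar -xvzf daq-2.0.7.tar.gz && cd daq-2.0.7
+autoreconf -f -i
+./configure && make && sudo make install
+apt install snort -y
+sudo nano /etc/snort/snort.conf
+sudo nano /etc/snort/rules/local.rules
+sudo nano /etc/snort/rules/nmap.rules
+sudo nano /etc/snort/snort.debian.conf
+sudo snort -T -c /etc/snort/snort.conf
+# telegram
+Buat bot telegram dengan bot father dan chat bot yang sudah dibuat untuk mendapatkan chat id
+https://api.telegram.org/bot(token bot anda)/getUpdates
+https://api.telegram.org/bot(token bot)/sendMessage?chat_id=(chat id)&text=Coba aja
+# konfigurasi telegram
+git clone https://github.com/gagaltotal/Snort-Bot- Telegram-Shell
+cd Snort-Bot-Telegram-Shell
+chmod 777 bot-tele.sh
+nano bot-tele.sh
+nano src/cowrie/output/telegram.py
+cd /home/(user)/ Snort-Bot-Telegram-Shell
+./bot-tele.sh
+sudo snort -i enp0s3 -c /etc/snort/snort.conf -l /var/log/snort -d -A console > /home/kz/log-tele.txt
+sudo apt install cockpit
+systemctl start cockpit && systemctl enable cockpit
+ufw allow 9090/tcp
+# mikrotik
+konfigurasi awal mikrotik (cari aja di google)
+# open vpn mikrotik
+https://web.tunnel.my.id/
+buat akun dan buat profil vpn
+konfigurasi nat buat port forwarding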