Forge Home

Modules

Resources

PuppetEcosystemPuppet CommunityUpdates

mhn_cowrie

Module for adding a cowrie sensor to mhn
Project URLRSS FeedReport issues

2,636 downloads

1,549 latest version

2.1 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.3.1 (latest)
  • 0.3.0
  • 0.2.1
  • 0.2.0
  • 0.1.0
released Oct 30th 2019
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x
  • Puppet >= 6.10.0 < 7.0.0

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'mcenturion-mhn_cowrie', '0.3.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add mcenturion-mhn_cowrie
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install mcenturion-mhn_cowrie --version 0.3.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

mcenturion/mhn_cowrie — version 0.3.1 Oct 30th 2019

cowrie

Table of Contents

  1. Description
  2. Setup - The basics of getting started with cowrie
  3. Usage - Configuration options and additional functionality
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module

Description

A module to add a cowrie honeypot

Setup

What cowrie affects

This module ensures that git is installed, clones the cowrie repo and configures it. In doing so it ensures that python2.7, pip and virtualenv are installed; it also installs supervisord.

Beginning with cowrie

mhn_cowrie{'cowrie':
    hpf_server => 'mhn.local',
    hpf_id     => '91ded218-eaec-11e9-954a-000c299b8253',
    hpf_secret => 'LId9U19VHuQOUnTU',
}

Usage

The following is a full usage case where every parameter is configured

mhn_cowrie{'cowrie':
  user        => 'cowrie',
  ssh_port    => 2232
  hpf_server  => 'mhn.local',
  hpf_port    => 4237,
  hpf_id      => '91ded218-eaec-11e9-954a-000c299b8253',
  hpf_secret  => 'LId9U19VHuQOUnTU',
  telnet_port => 2223,
}

Reference

mhn_cowrie

Parameters

user

The user that the cowrie service will be run as.

Defaults to 'cowrie'.

ssh_port

The port where cowrie will listen for ssh connections.

Defaults to 2222.

hpf_server

The HPFeeds server, in the intended use-case this will be the MHN server.

hpf_port

The port where your HPF server accepts reports.

Defaults to 10000.

hpf_id

The UUID that this honeypot will report as to the HPF server.

hpf_secret

The secret that this honeypot will use to communicate with the HPF server.

telnet_ports

The ports where cowrie will listen for telnet connections.

Defaults to undef.

Limitations

If you want cowrie to listen on port 22 you should make the appropriate changes somewhere else in you manifest:

  • Change the port that the real ssh service listens on
  • Make the appropriate changes in the firewall

This module is only tested con CentOS7. It might work on other RHEL7 based distros but there are no warranties.

Development

Any contributions are welcome in the form of Pull Requests on the main github repo.