mhn_dionaea

pdk
Module for adding a dionaea sensor to mhn
Marco Centurión

Marco Centurión

mcenturion

1,551 downloads

1,551 latest version

1.6 quality score

Version information

  • 0.1.0 (latest)
released Oct 30th 2019
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x
  • Puppet >= 6.10.0 < 7.0.0
  • CentOS

Start using this module

Documentation

mcenturion/mhn_dionaea — version 0.1.0 Oct 30th 2019

mhn_dionaea

Table of Contents

  1. Description
  2. Beginning with mhn_dionaea
  3. Usage - Configuration options and additional functionality
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module

Description

A module to add a dionaea honeypot

Beginning with mhn_dionaea

mhn_dionaea{'dionaea':
    hpf_server => 'mhn.local',
    hpf_id     => '91ded218-eaec-11e9-954a-000c299b8253',
    hpf_secret => 'LId9U19VHuQOUnTU',
}

Usage

In addition to the hpf_server, hpf_id and hpf_secret, you can also set the hpf_port:

mhn_dionaea{'dionaea':
    hpf_server => 'mhn.local',
    hpf_id     => '91ded218-eaec-11e9-954a-000c299b8253',
    hpf_secret => 'LId9U19VHuQOUnTU',
    hpf_port   => 2187,
}

By default, the mhn_dionaea resource only enables the ftp, smb and http services. You can enable any of the available services simply by passing an array of those you want enabled. Note that any service not declared will be disabled.

mhn_dionaea{'dionaea':
    hpf_server => 'mhn.local',
    hpf_id     => '91ded218-eaec-11e9-954a-000c299b8253',
    hpf_secret => 'LId9U19VHuQOUnTU',
    services   => ['memcache','mongo','mssql'],
}

Reference

mhn_dionaea

Parameters

hpf_server

The HPFeeds server, in the intended use-case this will be the MHN server.

hpf_port

The port where your HPF server accepts reports.

Defaults to 10000

hpf_id

The UUID that this honeypot will report as to the HPF server.

hpf_secret

The secret that this honeypot will use to communicate with the HPF server.

services

An array containing all the services that will be enabled. Its type is Array[Enum['blackhole','ftp','memcache','mongo','mssql','pptp','smb','upnp','epmap','http','mirror','mqtt','mysql','sip','tftp']]

Limitations

mhn_dionaea can't manage the firewall to enable ports for either the blackhole or mirror services. If you want to use those, you have to enable the required ports elsewhere.

This module is only tested con CentOS7. It might work on other RHEL7 based distros but there are no warranties.

Development

Any contributions are welcome in the form of Pull Requests on the main github repo.