Forge Home

mhn_dionaea

Module for adding a dionaea sensor to mhn

1,925 downloads

1,925 latest version

1.6 quality score

Version information

  • 0.1.0 (latest)
released Oct 30th 2019
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x
  • Puppet >= 6.10.0 < 7.0.0

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'mcenturion-mhn_dionaea', '0.1.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add mcenturion-mhn_dionaea
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install mcenturion-mhn_dionaea --version 0.1.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

mcenturion/mhn_dionaea — version 0.1.0 Oct 30th 2019

mhn_dionaea

Table of Contents

  1. Description
  2. Beginning with mhn_dionaea
  3. Usage - Configuration options and additional functionality
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module

Description

A module to add a dionaea honeypot

Beginning with mhn_dionaea

mhn_dionaea{'dionaea':
    hpf_server => 'mhn.local',
    hpf_id     => '91ded218-eaec-11e9-954a-000c299b8253',
    hpf_secret => 'LId9U19VHuQOUnTU',
}

Usage

In addition to the hpf_server, hpf_id and hpf_secret, you can also set the hpf_port:

mhn_dionaea{'dionaea':
    hpf_server => 'mhn.local',
    hpf_id     => '91ded218-eaec-11e9-954a-000c299b8253',
    hpf_secret => 'LId9U19VHuQOUnTU',
    hpf_port   => 2187,
}

By default, the mhn_dionaea resource only enables the ftp, smb and http services. You can enable any of the available services simply by passing an array of those you want enabled. Note that any service not declared will be disabled.

mhn_dionaea{'dionaea':
    hpf_server => 'mhn.local',
    hpf_id     => '91ded218-eaec-11e9-954a-000c299b8253',
    hpf_secret => 'LId9U19VHuQOUnTU',
    services   => ['memcache','mongo','mssql'],
}

Reference

mhn_dionaea

Parameters

hpf_server

The HPFeeds server, in the intended use-case this will be the MHN server.

hpf_port

The port where your HPF server accepts reports.

Defaults to 10000

hpf_id

The UUID that this honeypot will report as to the HPF server.

hpf_secret

The secret that this honeypot will use to communicate with the HPF server.

services

An array containing all the services that will be enabled. Its type is Array[Enum['blackhole','ftp','memcache','mongo','mssql','pptp','smb','upnp','epmap','http','mirror','mqtt','mysql','sip','tftp']]

Limitations

mhn_dionaea can't manage the firewall to enable ports for either the blackhole or mirror services. If you want to use those, you have to enable the required ports elsewhere.

This module is only tested con CentOS7. It might work on other RHEL7 based distros but there are no warranties.

Development

Any contributions are welcome in the form of Pull Requests on the main github repo.