- Description
- Setup - The basics of getting started with cowrie
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
A module to add a cowrie honeypot
This module ensures that git is installed, clones the cowrie repo and configures it. In doing so it ensures that python2.7, pip and virtualenv are installed; it also installs supervisord.
mhn_cowrie{'cowrie':
hpf_server => 'mhn.local',
hpf_id => '91ded218-eaec-11e9-954a-000c299b8253',
hpf_secret => 'LId9U19VHuQOUnTU',
}
The following is a full usage case where every parameter is configured
mhn_cowrie{'cowrie':
user => 'cowrie',
ssh_port => 2232
hpf_server => 'mhn.local',
hpf_port => 4237,
hpf_id => '91ded218-eaec-11e9-954a-000c299b8253',
hpf_secret => 'LId9U19VHuQOUnTU',
telnet_port => 2223,
}
The user that the cowrie service will be run as.
Defaults to 'cowrie'.
The port where cowrie will listen for ssh connections.
Defaults to 2222.
The HPFeeds server, in the intended use-case this will be the MHN server.
The port where your HPF server accepts reports.
Defaults to 10000.
The UUID that this honeypot will report as to the HPF server.
The secret that this honeypot will use to communicate with the HPF server.
The ports where cowrie will listen for telnet connections.
Defaults to undef.
If you want cowrie to listen on port 22 you should make the appropriate changes somewhere else in you manifest:
- Change the port that the real ssh service listens on
- Make the appropriate changes in the firewall
This module is only tested con CentOS7. It might work on other RHEL7 based distros but there are no warranties.
Any contributions are welcome in the form of Pull Requests on the main github repo.