hoellen/dockerfiles
1
0
Fork 0
mirror of https://github.com/hoellen/dockerfiles.git synced 2025-04-20 04:19:18 +00:00
Code Issues Projects Releases Wiki Activity
dockerfiles/cowrie
History
Wonderfall d835e9d8f3 cowrie: avoid pid clashes
2016-05-16 21:36:08 +02:00
..
Dockerfile
cowrie: fixes
2016-05-15 01:13:06 +02:00
README.md
add cowrie honeypot
2016-05-14 23:49:46 +02:00
run.sh
cowrie: avoid pid clashes
2016-05-16 21:36:08 +02:00

README.md

wonderfall/cowrie

What is this?

Cowrie is a medium interaction SSH honeypot designed to log brute force attacks and the shell interaction performed by the attacker. Cowrie is based on Kippo.

Build-time variables

  • MPFR_VERSION : GNU MPFR version.
  • MPC_VERSION : GNU MPC version.
  • GPG_ : fingerprints of signing keys.
  • SHA_ : fingerprints of tarballs

Environment variables

  • HOSTNAME : the hostname displayed in the honeypot.
  • DL_LIMIT : the maximum size (in bytes!) of a stored downloaded file (0 = no limit).
  • FACING_IP : your IP (you have to set it manually because cowrie fails to detect it when running in Docker).
  • JSON_LOG : disables json logging if set to False.

Volumes

  • /cowrie/dl : where downloads are stored.
  • /cowrie/log : cowrie and tty sessions logs.
  • /cowrie/custom : feel free to customize cowrie structure.

Docker compose (example)

cowrie:
  image: wonderfall/cowrie
  ports:
    - "2222:2222"
  volumes:
    - /mnt/cowrie/dl:/dl
    - /mnt/cowrie/log:/log
  environment:
    - HOSTNAME=foobar
    - DL_LIMIT=2048
    - FACING_IP=9.9.9.9
    - JSON_LOG=False
    - GID=1000
    - UID=1000