1
0
mirror of https://github.com/vimagick/dockerfiles.git synced 2024-12-25 02:04:06 +02:00

add cowrie

This commit is contained in:
kev 2015-07-22 00:10:52 +08:00
parent c6f891f8e3
commit 1ed02d2cf6
3 changed files with 77 additions and 0 deletions

27
cowrie/Dockerfile Normal file
View File

@ -0,0 +1,27 @@
#
# Dockerfile for cowrie
#
FROM alpine
MAINTAINER kev <noreply@datageek.info>
RUN apk add -U curl \
py-pip \
py-twisted \
tar \
&& pip install pyasn1 \
&& adduser -D cowrie \
&& cd /home/cowrie \
&& curl -sSL https://github.com/micheloosterhof/cowrie/archive/master.tar.gz | tar xz --strip 1 \
&& mv cowrie.cfg.dist cowrie.cfg \
&& chown -R cowrie:cowrie . \
&& apk del curl \
tar \
&& rm -rf /var/cache/apk/*
EXPOSE 2222
USER cowrie
WORKDIR /home/cowrie
CMD ["twistd", "-n", "-l", "log/cowrie.log", "cowrie"]

43
cowrie/README.md Normal file
View File

@ -0,0 +1,43 @@
cowrie
======
[`Cowrie`][1] is a medium interaction SSH honeypot designed to log brute force attacks
and, most importantly, the entire shell interaction performed by the attacker.
`Cowrie` is directly based on [`Kippo`][2] by Upi Tamminen (desaster).
## docker-compose.yml
```
cowrie:
image: vimagick/cowrie
ports:
- "2222:2222"
volumes:
- log:/home/cowrie/log
restart: always
```
## server
```
$ cd ~/fig/cowrie
$ tree -F
.
├── docker-compose.yml
└── log/
└── tty/
$ docker-compose up -d
$ tail -f log/cowrie.log
```
## client
```
$ ssh -p 2222 root@server
```
> You can login as `root:root` or `root:123456`.
[1]: https://github.com/micheloosterhof/cowrie
[2]: http://github.com/desaster/kippo/

View File

@ -0,0 +1,7 @@
cowrie:
image: vimagick/cowrie
ports:
- "2222:2222"
volumes:
- log:/home/cowrie/log
restart: always