HonSSH是一個(gè)高交互蜜罐解決方案，在攻擊者與蜜罐之間，可以創(chuàng)建兩個(gè)獨(dú)立的SSH鏈接，它的特點(diǎn)如下：

1、捕獲所有鏈接嘗試，并記錄到文本文件中。

2、當(dāng)攻擊者發(fā)起密碼嘗試的時(shí)候，HonSSH可以自動(dòng)更換他們的密碼(spoof_login)，讓他們以為自己猜測到正確的密碼。

3、所有交互都會(huì)記錄到，可以使用Kippo playlog重放。

4、攻擊者的會(huì)話都捕獲在一個(gè)文本文件中。

5、可以使用telnet實(shí)時(shí)查看會(huì)話。

安裝：

CONF文件配置如下：

#
# ConSSH configuration file (conssh.cfg)
#
[honeypot]

# IP addresses to listen for incoming SSH connections.
#
ssh_addr = 192.168.0.2

# Port to listen for incoming SSH connections.
#
# (default: 2222)
ssh_port = 22

# IP addresses to send outgoing SSH connections.
#
client_addr = 192.168.1.1

# IP addresses of the honeypot.
#
honey_addr = 192.168.1.2

# Directory where to save log files in.
#
# (default: logs)
log_path = logs

# Directory where to save session files in.
#
# (default: sessions)
session_path = sessions

# Public and private SSH key files.
#
public_key = id_rsa.pub
private_key = id_rsa

# Session management interface.
#
# This is a telnet based service that can be used to interact with active
# sessions. Disabled by default.
#
# (default: false)
interact_enabled = true
# (default: 127.0.0.1)
interact_interface = 127.0.0.1
# (default: 5123)
interact_port = 5123

# Spoof password?
#
# (default: false)
spoof_login = true

# Actual login password for the honey pot.
# 
# e.g. if the attacker uses the password "hello" this would replace
#      it with "goodbye" (the actual honeypot password)
spoof_pass = goodbye

[extras]

# Enables Voice
# If enabled will speak about incoming connections.
# Requires espeak and python-espeak
# 
# (default: false)
voice = true

運(yùn)行：./start.sh