From 8890bcd6f674240edc6e412fc98977c969981813 Mon Sep 17 00:00:00 2001 From: Michel Oosterhof Date: Sat, 28 Jul 2018 19:22:09 +0400 Subject: [PATCH] wording changes --- INSTALL.md | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index e01556d7..6b030dbe 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -66,14 +66,14 @@ Next you need to create your virtual environment: ``` $ pwd /home/cowrie/cowrie -$ virtualenv cowrie-env +$ virtualenv --python=python3 cowrie-env New python executable in ./cowrie/cowrie-env/bin/python Installing setuptools, pip, wheel...done. ``` -Alternatively, create a Python3 virtual environment (under development) +Alternatively, create a Python2 virtual environment ``` -$ virtualenv --python=python3 cowrie-env +$ virtualenv --python=python2 cowrie-env New python executable in ./cowrie/cowrie-env/bin/python Installing setuptools, pip, wheel...done. ``` @@ -137,8 +137,7 @@ The following firewall rule will forward incoming traffic on port 22 to port 222 $ sudo iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 2222 ``` -Note that you should test this rule only from another host; it -doesn't apply to loopback connections. Alternatively you can run +Note that you should test this rule only from another host; it doesn't apply to loopback connections. Alternatively you can run authbind to listen as non-root on port 22 directly: ``` @@ -147,9 +146,14 @@ $ sudo touch /etc/authbind/byport/22 $ sudo chown cowrie:cowrie /etc/authbind/byport/22 $ sudo chmod 770 /etc/authbind/byport/22 ``` +* Edit bin/cowrie and modify the AUTHBIND_ENABLED setting +* Change listen_port to 22 in cowrie.cfg Or for telnet: - +``` +$ sudo iptables -t nat -A PREROUTING -p tcp --dport 23 -j REDIRECT --to-port 2223 +``` +with authbind: ``` $ apt-get install authbind $ sudo touch /etc/authbind/byport/23 @@ -157,9 +161,6 @@ $ sudo chown cowrie:cowrie /etc/authbind/byport/23 $ sudo chmod 770 /etc/authbind/byport/23 ``` -* Edit bin/cowrie and modify the AUTHBIND_ENABLED setting -* Change listen_port to 22 in cowrie.cfg - ## Running using Supervisord (OPTIONAL) On Debian, put the below in /etc/supervisor/conf.d/cowrie.conf @@ -199,7 +200,7 @@ See ~/cowrie/doc/[Output Plugin]/README.md for details. ## Troubleshooting * If you see `twistd: Unknown command: cowrie` there are two -possibilities. If there's a python stack trace, it probably means +possibilities. If there's a Python stack trace, it probably means there's a missing or broken dependency. If there's no stack trace, double check that your PYTHONPATH is set to the source code directory. * Default file permissions @@ -208,8 +209,7 @@ To make Cowrie logfiles public readable, change the ```--umask 0077``` option in # Updating Cowrie -Updating is an easy process. First stop your honeypot. Then fetch updates from GitHub, as a next step upgrade your Python dependencies. - +Updating is an easy process. First stop your honeypot. Then fetch updates from GitHub, and upgrade your Python dependencies. ``` bin/cowrie stop git pull @@ -218,7 +218,6 @@ bin/cowrie start ``` If you use output plugins like SQL, Splunk, or ELK, remember to also upgrade your dependencies for these too. - ``` pip install --upgrade -r requirements-output.txt ```