Markchai
杏花疏影里,吹笛到天明。
Markchai 的博客

部署一个假的 SSH - FakeSSH

有时候你会发现你的服务器天天被扫描,不胜其烦。出于好奇,想看看这些脚本小子天天用的是什么密码来做字典攻击,顺便白嫖字典,这时候,FakeSSH就排上用场了。

一个用GO开发的,可以docker运行的蜜罐SSH服务,用来记录所有的登录尝试。由于程序会永远把密码验证结果置为失败,所以攻击者不会获得控制终端的机会。

部署

首先把现有的ssh端口挪走。

sudo vim /etc/ssh/sshd_config

然后编辑文件:

#找到这行
Port 22 #这里改成你想要的其他端口

接着把 FakeSSH 挂到 Docker 上。

version: '3'
services:
  fakessh:
    container_name: fakessh
    image: fffaraz/fakessh
    restart: always
    ports:
      - 22:22
    command: /log
    volumes:
      - /docker/fakessh/log:/log
    networks:
      erixProd:
        ipv4_address:  0.0.0.0
networks:
  erixProd:
    external: true

这样我们的假 sshd 就在 22 端口跑起来了(可以开始观猴了)

发表回复

textsms
account_circle
email

  • Markchai博主

    还有一个类似的:假的bash环境
    jaksi/sshsame

    5 月前 回复
  • Very interesting info!Perfect just what I was searching for!Raise blog range

    2 月前 回复
  • excellent submit, very informative. I wonder why the opposite specialists of this sector don't understand this. You should continue your writing. I'm confident, you have a huge readers' base already!

    2 月前 回复
  • For applications in corrosive environments, Elite Pipe Factory offers titanium pipes that provide unmatched strength and resistance. These pipes are ideal for industries requiring superior performance under harsh conditions. Our dedication to quality makes Elite Pipe Factory a leading choice in Iraq for titanium pipes. Discover more about our products at elitepipeiraq.com.

    3 周前 回复

Markchai 的博客

部署一个假的 SSH - FakeSSH
有时候你会发现你的服务器天天被扫描,不胜其烦。出于好奇,想看看这些脚本小子天天用的是什么密码来做字典攻击~~,顺便白嫖字典~~,这时候,FakeSSH就排上用场了。 > 一个用GO开发…
扫描二维码继续阅读
2024-06-01

Optimized by WPJAM Basic