Daniel Roberson - anatomyofreallinuxintrusion_mitmhoneypot-alonso2016

Daniel Roberson

anatomyofreallinuxintrusion_mitmhoneypot-alonso2016

0001-01-01

Anatomy of a Real Linux Intrusion Part I: Running a MiTM SSH honeypot

by Angel Anonso

September 15, 2016

https://blog.angelalonso.es/2016/09/anatomy-of-real-linux-intrusion-part-i.html

Notes
Linux malware
Linux
MiTM
honeypot
SSH
trojan
rootkit
Sebek
hooking
system call
Dublin City University
Kippo
Raspberry Pi
ISP
WiFi
Raspberry Pi 3 model B
honssh - Kippo fork
Raspbian
router
Raspberry Pi 2
firewall
NAT
port 22
Debian
iptables
HTTP, NTP, DNS
sshd key
openssh-server
cron

Links to this note

Notes

Recent Posts

Linux Hardening: SSH

2025-03-06 DFIR SSH hardening linux hardening SSH PAM

Linux Anti-Forensics: Timestomping

2025-03-05 DFIR linux anti-forensics

Finding Bad with Linux Package Managers

2025-03-03 DFIR linux persistence

Linux Persistence: Startup Scripts

2024-11-10 DFIR CTF linux persistence systemd SysV init startup script

Linux Persistence: Cron

2024-11-10 DFIR CTF linux persistence cron