Sending files and information about attacks from a honeypot to a central repository via HTTP

Time: 2011-02-10 17:45:20

Tags: security http submission malware honeypot

Hello, does anyone know the Dionaea honeypot?

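I am trying to send the binaries collected locally and the attacks captured locally by the honeypot to a central server, but I can't get it to work.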

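I have tried using HTTP POST and Python CGI, but I can't get it to work. The honeypot has a service that lets you send data over HTTP (submit_http.py: http://src.carnivore.it/dionaea/commit/?id=cfd2be8cf7484c781384648cf1c9223afc2bd3c1), and on the central server I have a PHP file that was originally developed for Nepenthes (submit.php: http://www.remoteroot.net/2008/07/21/nepenthes-submit-http-server-with-file-upload/). I want it to receive the files via HTTP POST, along with information about the parameters related to each attack. Why doesn't submit.php work?!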

I have a dionaea.conf like this:


submit_http = {
                        url = "http://central_machine_IP/submit.php"
                        email = "zzzzzzzz@yyyyy.com"
                        user = "uuuuuuu"
                        pass = "xxxxxxxxxxx"
                }
Thank you all.

1 answer:

Answer 0 (score: 0)

dionaea log errors:


[10022011 17:51:14] curl module.c:202: DOWNLOAD DONE:
http://xxx.xxx.xxx.xxx/yyy => (0)
[10022011 17:51:14] logsql dionaea/logsql.py:601: complete for attackid 5241
[10022011 17:51:14] test dionaea/test.py:51: your configuration lacks urls
to submit to defaults
[10022011 17:51:14] python module.c:959: NameError at NameError("global name
'submithttp_report' is not defined",)
[10022011 17:51:14] python module.c:984:
/opt/dionaea/lib/dionaea/python/dionaea/submit_http.py:56 in
handle_incident_dionaea_download_complete_unique
[10022011 17:51:14] python module.c:985:      mr =
submithttp_report(i.sha512, i.md5, icd.file)
[10022011 17:51:14] python module.c:984: binding.pyx:975 in
dionaea.core.c_python_ihandler_cb (binding.c:8605)
[10022011 17:51:14] python module.c:985:      None
I hid the original IP with xxx.xxx.xxx.xxx.
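
As an added example (not part of the original question or answer, and not dionaea's own code): a small Python triage script that rejoins the wrapped lines of the log excerpt above and reports which Python handler raised and where. The record layout `[DDMMYYYY HH:MM:SS] domain file:line: message` is inferred from that excerpt, and the names `parse_records` and `python_failures` are hypothetical.

```python
import re

# Log excerpt copied from the answer above, including its wrapped lines.
SAMPLE_LOG = """\
[10022011 17:51:14] logsql dionaea/logsql.py:601: complete for attackid 5241
[10022011 17:51:14] python module.c:959: NameError at NameError("global name
'submithttp_report' is not defined",)
[10022011 17:51:14] python module.c:984:
/opt/dionaea/lib/dionaea/python/dionaea/submit_http.py:56 in
handle_incident_dionaea_download_complete_unique
[10022011 17:51:14] python module.c:985:      mr =
submithttp_report(i.sha512, i.md5, icd.file)
"""

# Assumed record layout: [DDMMYYYY HH:MM:SS] domain file:line: message
RECORD = re.compile(r"^\[(\d{8} \d{2}:\d{2}:\d{2})\] (\S+) (\S+):(\d+): ?(.*)$")
RAISED = re.compile(r"^(\w+) at ")            # e.g. "NameError at NameError(...)"
FRAME = re.compile(r"^(\S+):(\d+) in (\S+)")  # e.g. "/path/x.py:56 in handler"

def parse_records(text):
    """Rejoin wrapped lines; return (timestamp, domain, source, message) tuples."""
    records = []
    for line in text.splitlines():
        m = RECORD.match(line)
        if m:
            ts, domain, src, lineno, msg = m.groups()
            records.append([ts, domain, f"{src}:{lineno}", msg.strip()])
        elif records and line.strip():
            # A line without a timestamp continues the previous message.
            records[-1][3] = (records[-1][3] + " " + line.strip()).strip()
    return [tuple(r) for r in records]

def python_failures(records):
    """Pair each Python exception record with the first traceback frame after it."""
    failures = []
    for ts, domain, _src, msg in records:
        if domain != "python":
            continue
        raised, frame = RAISED.match(msg), FRAME.match(msg)
        if raised:
            failures.append({"time": ts, "exception": raised.group(1), "detail": msg})
        elif frame and failures and "file" not in failures[-1]:
            failures[-1].update(file=frame.group(1), line=int(frame.group(2)),
                                handler=frame.group(3))
    return failures

if __name__ == "__main__":
    for failure in python_failures(parse_records(SAMPLE_LOG)):
        print(failure)
```
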