ssh-auth-logger Logo

ssh-auth-logger

0
Free
Visit Website

A low/zero interaction ssh authentication logging honeypot. Structured logging ssh-auth-logger logs all authentication attempts as json making it easy to consume in other tools. No more ugly openssh log parsing vulnerabilities. This is normally logged on one line { "client_version": "SSH-2.0-libssh2_1.4.3", "destinationServicename": "sshd", "dpt": "22", "dst": "192.168.1.2", "duser": "root", "level": "info", "msg": "Request with password", "password": "P@ssword1", "product": "ssh-auth-logger", "server_version": "SSH-2.0-OpenSSH_5.3", "spt": "38624", "src": "192.168.1.4", "time": "2017-11-17T19:16:37-05:00" }

FEATURES

ALTERNATIVES

Helix is a versatile honeypot designed to mimic the behavior of various protocols including Kubernetes API server, HTTP, TCP, and UDP.

A signature-based, multi-step, high interaction honeypot detection tool with support for various detection methods and protocols.

Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.

Medium interaction SSH Honeypot with multiple virtual hosts and sandboxed filesystems.

A low to medium interaction honeypot with a variety of plugins for cybersecurity monitoring.

A high-interaction honeypot solution for detecting and analyzing SMB-based attacks

SSHoney is an SSH honeypot for logging SSH connection attempts.

A simplified UI for showing honeypot alarms for the DTAG early warning system