SendMeSpamIDS

SendMeSpamIDS is a honeypot written in Python, currently covering:
  • HTTP
  • HTTPS
  • SMTP
  • TELNET
  • RDP (alpha)
  • Microsoft-DS (alpha)
  • Microsoft-SQL (alpha)

Download:

https://sourceforge.net/projects/sendmespamids
https://github.com/johestephan/sendmespamids.py (development)

Usage:

(and yes, it works on Raspberry Pi :-)

Used modules:

socket, datetime, time, ssl, optparse, sys, smtpd, asyncore, pyclamd, geoip.re

plus some custom modules, which can be found in ./modules/

Toolbox:

The basic idea was to integrate with ELK, hence the logging to syslog.
Some configuration examples are included in the ./toolbox/ folder.


Log files:

By default (hard-coded), all raw data is written to /var/log/smsids_raw.log.
If the syslog tools from the toolbox folder are applied, a very short output is written to /var/log/smsids.log.