SendMeSpamIDS

Is a python written honeypot software currently covering

• HTTP
• HTTPS
• SMTP
• TELNET
• RDP (alpha)
• Microsoft-DS (alpha)
• Microsoft-SQL (alpha)

Download:

https://sourceforge.net/projects/sendmespamids
https://github.com/johestephan/sendmespamids.py (development)

 Usage:

 (and yes, it works on Raspberry PI :-)

Used modules:

socket, datetime, time,ssl,optparse,sys,smtpd,asyncore,time,pyclamd,geoip.re

and some own written modules which can be found in ./modules/ 

Toolbox:

Basic idea was to include ELK, so the logging to syslog.
Some of the configuration examples are included within the ./toolbox/ folder

Log files:

per default (hard coded), all raw data will be written to /var/log/smsids_raw.log
if the syslog tools from the toolbox folder are applied, a very short output will be written to /var/log/smsids.log