My favorites | Sign in
Project Home Downloads Wiki Issues Source
Search
for
FAQ  
Frequently Asked Questions
Updated Apr 4, 2011 by desas...@gmail.com

Frequently Asked Questions

What is the root password and how can I change it?

In version 0.4, Kippo accepts both "root" and "123456" as the root passwords. This can be changed in kippo.tac.

In the current SVN version, as well as future releases, the only root password is "123456". However, additional root passwords can be added to data/pass.db by using the passwd command within the honeypot.

Research has shown that "123456" is the second most common attempted password, "root" being the most common. "123456" was chosen as the default password as it's the least suspicious of the two.

It's a good idea to only have one easy password set, as multiple successful logins by the same scanner might look suspicious.

Is Kippo secure?

Kippo is written in python, and doesn't call any external software, so it's probably somewhat secure.

However, kippo has not had any real security audit done on it, and it's definitely vulnerable to some DoS attacks, as there are no limits on how many people can connect to it, or how many files they can download.

It's my recommendation to run kippo in a well firewalled Virtual Machine.

I want to run kippo, but I'm a noob with computers! Can you help me?

Running a server that's available to the Internet - especially a honeypot such as Kippo - is not to be taken lightly. Even though Kippo is very easy to set up, if you don't understand 100% what is going on, honeypots are NOT for you.

By running kippo, you're virtually mooning the attackers. Just like in real life, doing something like that, you better know really well how to defend yourself!

Sorry, but I don't want to risk Kippo becoming a part of the problem that it's designed to fight against.

Comment by jfbethle...@gmail.com, Jun 24, 2010

To run createfs.py, be sure to be root.

/ # /root/createfs.py > /root/fs.pickle / # cp /root/fs.pickle ~kippo/kippo/fs.pickle

done

Comment by jfbethle...@gmail.com, Sep 13, 2010

For database connectivity (latest SVN version): 

# aptitude install mysql-server 
# mysql -u root -p <fill in password> 
> CREATE DATABASE kippo; 
> GRANT ALL ON kippo. TO USER 'kippo'@'localhost' IDENTIFIED BY 'somedifficultpassword'; 
> exit 
kippo$ mysql -u kippo -p <fill in somedifficultpassword> 
> USE kippo; 
> source kippo/doc/sql/mysql.sql 
> exit

Put correct configuration in kippo.cfg

Comment by netwur...@gmail.com, Feb 28, 2011

No TTY session logged to MySQL

If you are logging to MySQL make sure you adjust the max_allowed_packet on your mySQL config (my.cnf) as mine was defaulted to 1MB so I ended losing a few captured session that were over 1MB is size.


Sign in to add a comment
Powered by Google Project Hosting