在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称(OpenSource Name):pwnlandia/mhn开源软件地址(OpenSource Url):https://github.com/pwnlandia/mhn开源编程语言(OpenSource Language):Python 42.5%开源软件介绍(OpenSource Introduction):Modern Honey Network MHN is a centralized server for management and data collection of honeypots. MHN allows you to deploy sensors quickly and to collect data immediately, viewable from a neat web interface. Honeypot deploy scripts include several common honeypot technologies, including Snort, Cowrie, Dionaea, and glastopf, among others. For questions regarding troubleshooting your installation, please review the MHN Troubleshooting Guide, search past questions on the modern-honey-network Google Group, or send emails to [email protected]. FeaturesMHN is a Flask application that exposes an HTTP API that honeypots can use to:
It also allows system administrators to:
Installation
Note: if you run into trouble during the install, please checkout the troubleshooting guide on the wiki. If you only want to experiment with MHN on some virtual machines, please check out the Getting up and Running with Vagrant guide on the wiki. Install Git
Install MHN
Run the following script to complete the installation. While this script runs, you will be prompted for some configuration options. See below for how this looks.
Configuration
RunningIf the installation scripts ran successfully, you should have a number of services running on your MHN server. See below for checking these.
Running MHN Behind a ProxyFor directions on running MHN behind a web proxy, follow the directions in the wiki. Running MHN Over HTTPSBy default MHN will run without HTTPS, to configure your installation to use SSL certificates directions can be found in the wiki. Running MHN with Docker (not maintained)Running MHN in docker is not officially supported, but it might work. The container takes a few minutes to start at the first launch to initialize. Splunk, ArcSight and ELK are not yet supported in Docker. Build it
Run it
Environment variables
Deploying honeypots with MHNMHN was designed to make scalable deployment of honeypots easier. Here are the steps for deploying a honeypot with MHN:
If the deploy script successfully completes you should see the new sensor listed under your deployed sensor list. For a full list of supported sensors, check the list here: List of Supported Sensors Integration with Splunk and ArcSighthpfeeds-logger can be used to integrate MHN with Splunk and ArcSight. Splunk
This will log the events as key/value pairs to /var/log/mhn-splunk.log. This log should be monitored by the SplunkUniversalForwarder. Arcsight
This will log the events as CEF to /var/log/mhn-arcsight.log DataNOTICE This section is out of date. Community data is not collected by Anomali although MHN still attempts to send this data to Anomali servers. The MHN server reports anonymized attack data back to Anomali, Inc. (formerly
known as ThreatStream). If you are interested in viewing this data, get details
in the
wiki.
This data reporting can be disabled by running the following command from the
MHN server after completing the initial installation steps outlined above:
Support or ContactMHN is an open source project that relies on community involvement. Please check out our troubleshooting guide on the wiki. We will also lend a hand, if needed. Find us at: [email protected]. Credit and ThanksMHN was originally created by Anomali, Inc. MHN leverages and extends upon several awesome projects by the Honeynet project. Please show them your support by way of donation. LICENSEModern Honeypot Network This program free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论