Install kippo a SSH-honeypot (english)

Kippo is a medium interaction SSH-honeypot. It can log brute force attacks and track the interaction performed by an attacker. In this article I will show how to setup kippo on Ubuntu 10.04.

We won't download the tar ball from the latest release. Instead we will fetch the latest version from the subversion repository.

If subversion isn't currently available on your system, go and install it.

$ sudo apt-get install subversion

Kippo needs the twisted network engine. So install it, too.

$ sudo apt-get install python-twisted

After this create a new folder and fetch the latest version from the subversion repository.

$ mkdir svn
$ cd svn
$ svn checkout kippo-read-only

There is already an example of a configuration file in the repository. So for the first run just copy it from kippo.cfg.dist to kippo.cfg

$ cd kippo-read-only/
$ cp kippo.cfg.dist kippo.cfg

Now you can start kippo by running the script.

$ ./

Try to connect to the honeypot. The username is "root" and the password is "123456". To exit the ssh connection close the console window.

$ ssh -p 2222 root@localhost

Edit the configuration file to fit your needs.

Verwandte Artikel