Setup a dionaea development environment

27.12.2015 PhiBo Software HowTo, dionaea, Vagrant, honeypot

A Vagrantfile has been added to the dionaea git repository to simplify the setup of a development machine. It uses Vagrant and VirtualBox.

Please have a look at the Vagrant documentation on how to setup Vagrant.

After all requirements have been installed. Clone the git repository and change into the vagrant directory.

$ git clone https://github.com/DinoTools/dionaea.git
$ cd dionaea/vagrant

Call vagrant up to start the virtual machine. This will download the required box images, start the virtual machine, perform the provisioning and do an initial build of dionaea. By default the VM has a bridged network interface so you have to choose which network interface to use for the bridge.

$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'ubuntu/trusty64' could not be found. Attempting to find and install...
        default: Box Provider: virtualbox
        default: Box Version: >= 0
==> default: Loading metadata for box 'ubuntu/trusty64'
        default: URL: https://atlas.hashicorp.com/ubuntu/trusty64
==> default: Adding box 'ubuntu/trusty64' (v20151217.0.0) for provider: virtualbox
        default: Downloading: https://atlas.hashicorp.com/ubuntu/boxes/trusty64/versions/20151217.0.0/providers/virtualbox.box
==> default: Successfully added box 'ubuntu/trusty64' (v20151217.0.0) for 'virtualbox'!
==> default: Importing base box 'ubuntu/trusty64'...
==> default: Matching MAC address for NAT networking...
==> default: Checking if box 'ubuntu/trusty64' is up to date...
==> default: Setting the name of the VM: vagrant_default_1451203237190_66870
==> default: Clearing any previously set forwarded ports...
==> default: Clearing any previously set network interfaces...
==> default: Available bridged network interfaces:
1) wlp2s0
2) virbr0
3) eno1
4) virbr1
==> default: When choosing an interface, it is usually the one that is
==> default: being used to connect to the internet.
        default: Which interface should the network bridge to? 1
==> default: Preparing network interfaces based on configuration...
        default: Adapter 1: nat
        default: Adapter 2: bridged
==> default: Forwarding ports...
        default: 22 => 2222 (adapter 1)
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
        default: SSH address: 127.0.0.1:2222
        default: SSH username: vagrant
        default: SSH auth method: private key

The dionaea directory is shared with the VM and mapped to the /vagrant directory inside the VM. You can use your preferred editor or IDE on your host system to edit the files and perform a rebuild inside the VM to test your changes.

To do this enter the VM by using the vagrant ssh command and run the build tasks inside the VM.

$ vagrant ssh
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-74-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sun Dec 27 08:00:55 UTC 2015

  System load:  0.97              Processes:           81
  Usage of /:   3.4% of 39.34GB   Users logged in:     0
  Memory usage: 25%               IP address for eth0: 10.0.2.15
  Swap usage:   0%

  Graph this data and manage this system at:
        https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
        http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.


vagrant@vagrant-ubuntu-trusty-64:~$ cd /vagrant/
vagrant@vagrant-ubuntu-trusty-64:/vagrant$ make
vagrant@vagrant-ubuntu-trusty-64:/vagrant$ sudo make install
vagrant@vagrant-ubuntu-trusty-64:/vagrant$ sudo service dionaea restart

To get the IP Address of your honeypot to run some tests use the following commands.

$ vagrant ssh
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-74-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sun Dec 27 08:04:13 UTC 2015

  System load:  0.13              Processes:           79
  Usage of /:   3.9% of 39.34GB   Users logged in:     0
  Memory usage: 32%               IP address for eth0: 10.0.2.15
  Swap usage:   0%                IP address for eth1: 192.168.1.234

  Graph this data and manage this system at:
        https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
        http://www.ubuntu.com/business/services/cloud


Last login: Sun Dec 27 08:04:14 2015 from 10.0.2.2
vagrant@vagrant-ubuntu-trusty-64:~$ ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 08:00:27:44:5c:9c
              inet addr:192.168.1.234  Bcast:192.168.1.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:30413 errors:0 dropped:0 overruns:0 frame:0
              TX packets:9333 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:45318845 (45.3 MB)  TX bytes:832988 (832.9 KB)

Verwandte Artikel