Hackerific

Over a year has now passed since I started playing with the Kippo honeypot, so a quick second post about my findings is long overdue! I ran Kippo on an overpriced cheap VPS with two IPs pretty much continuously between April and September 2013. That’s 5 months (154 days). I wrote a short post near the beginning of that time. In my original post on this subject I waffled a bit about how almost all of the attacking traffic I saw was from Chinese IPs and mentioned a few attempted passwords with high entropy.

Bed Against The Wall inspired me to try running kippo, an SSH honeypot, on a spare CentOS VPS I ended up accidentally paying for. So far, I’ve completed a very basic installation by using an iptables rule to redirect traffic from kippo’s default port of 2222 to 22 on the VPS’ second IP address, created an unprivileged user to run the kippo scripts, then started kippo.sh as that user. At the moment, I’m just watching the logs and I’ve left the default kippo credentials in place (root/123456) for about a week.

I backed a recent Kickstarter project to allow Sabernetics to create and sell small I2C-powered OLED displays – the small number of IO lines required by I2C makes it an excellent bus for embedded stuff, and I love things with blue LEDs so backing the project was a no-brainer :) The boards just arrived, so I decided to have a play by wiring one up to an Arduino and giving it a poke.

I’ve had a cacti server for some time, but I recently decided to experiment with collectd. In this post, I’ll talk about how I ported my CurrentCost monitoring code to work with collectd. What’s wrong with cacti? For a home user who just wants to monitor my router, power usage, and the odd Arduino-controlled thermometer, cacti is fine, but the limitations are fairly obvious: Cacti is buggy – really buggy.

In the last year or so there’s been a fair amount of coverage of the excellent Ubertooth project. Ubertooth One is an open source 2.4 GHz experimentation device, designed for messing with Bluetooth, but with a lot of flexibility which gives rise to some other very cool features, like spectrum monitoring. I installed the Kismet Spectrum-Tools on a BackTrack Linux box to play with, and thought I’d share a brief howto, along with some images.