problem is about the honeypot that won't spawn over the selected ports:
example, within this configuration:
PORTS TO SPAWN HONEYPOT FOR
TCPPORTS="3389,88,389,445,135,137,1433,8080,21,5060,5061,5900,25,110,1723,1337,10000,5800,44443,16993"
UDPPORTS="123,5060,5061,3478"
none of those ports are active:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 566 root 3u IPv4 21609 0t0 TCP *:22 (LISTEN)
postgres 595 postgres 3u IPv6 19874 0t0 TCP [::1]:5432 (LISTEN)
postgres 595 postgres 6u IPv4 19875 0t0 TCP 127.0.0.1:5432 (LISTEN)
postgres 595 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
netdata 611 netdata 3u IPv4 19027 0t0 TCP *:19999 (LISTEN)
netdata 611 netdata 4u IPv6 19028 0t0 TCP *:19999 (LISTEN)
netdata 611 netdata 7u IPv6 20144 0t0 UDP [::1]:8125
netdata 611 netdata 8u IPv4 20145 0t0 UDP 127.0.0.1:8125
netdata 611 netdata 9u IPv6 20149 0t0 TCP [::1]:8125 (LISTEN)
netdata 611 netdata 10u IPv4 20150 0t0 TCP 127.0.0.1:8125 (LISTEN)
postgres 657 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 658 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 659 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 660 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 661 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 662 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
dns2tcpd 1394 nobody 3u IPv4 24091 0t0 UDP *:53
the service is active:
● artillery.service - LSB: Artillery - Advanced threat intelligence
Loaded: loaded (/etc/init.d/artillery; generated)
Active: active (exited) since Tue 2018-08-28 15:12:49 CEST; 16min ago
Docs: man:systemd-sysv-generator(8)
Process: 482 ExecStart=/etc/init.d/artillery start (code=exited, status=0/SUCCESS)
ago 28 15:12:49 KALI20183 systemd[1]: Starting LSB: Artillery - Advanced threat intelligence...
ago 28 15:12:49 KALI20183 artillery[482]: Starting Artillery... Ok
ago 28 15:12:49 KALI20183 systemd[1]: Started LSB: Artillery - Advanced threat intelligence.
running it on a VM (VMware fusion 10.1.3) as the latest kali image 2018.3:
Linux KALI20183 4.17.0-kali3-amd64 #1 SMP Debian 4.17.17-1kali1 (2018-08-21) x86_64 GNU/Linux
root@KALI20183:/etc# cat os-release
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
ID=kali
VERSION="2018.3"
VERSION_ID="2018.3"
ID_LIKE=debian
ANSI_COLOR="1;31"
HOME_URL="https://www.kali.org/"
SUPPORT_URL="https://forums.kali.org/"
BUG_REPORT_URL="https://bugs.kali.org/"
the only way to make it work properly is to uninstall and reinstalling it every time.
won't survive a reboot or anything else.
any ideas ? anyone else got the same issue ?
thanks in advance
problem is about the honeypot that won't spawn over the selected ports:
example, within this configuration:
PORTS TO SPAWN HONEYPOT FOR
TCPPORTS="3389,88,389,445,135,137,1433,8080,21,5060,5061,5900,25,110,1723,1337,10000,5800,44443,16993"
UDPPORTS="123,5060,5061,3478"
none of those ports are active:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 566 root 3u IPv4 21609 0t0 TCP *:22 (LISTEN)
postgres 595 postgres 3u IPv6 19874 0t0 TCP [::1]:5432 (LISTEN)
postgres 595 postgres 6u IPv4 19875 0t0 TCP 127.0.0.1:5432 (LISTEN)
postgres 595 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
netdata 611 netdata 3u IPv4 19027 0t0 TCP *:19999 (LISTEN)
netdata 611 netdata 4u IPv6 19028 0t0 TCP *:19999 (LISTEN)
netdata 611 netdata 7u IPv6 20144 0t0 UDP [::1]:8125
netdata 611 netdata 8u IPv4 20145 0t0 UDP 127.0.0.1:8125
netdata 611 netdata 9u IPv6 20149 0t0 TCP [::1]:8125 (LISTEN)
netdata 611 netdata 10u IPv4 20150 0t0 TCP 127.0.0.1:8125 (LISTEN)
postgres 657 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 658 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 659 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 660 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 661 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
postgres 662 postgres 10u IPv6 19994 0t0 UDP [::1]:60526->[::1]:60526
dns2tcpd 1394 nobody 3u IPv4 24091 0t0 UDP *:53
the service is active:
● artillery.service - LSB: Artillery - Advanced threat intelligence
Loaded: loaded (/etc/init.d/artillery; generated)
Active: active (exited) since Tue 2018-08-28 15:12:49 CEST; 16min ago
Docs: man:systemd-sysv-generator(8)
Process: 482 ExecStart=/etc/init.d/artillery start (code=exited, status=0/SUCCESS)
ago 28 15:12:49 KALI20183 systemd[1]: Starting LSB: Artillery - Advanced threat intelligence...
ago 28 15:12:49 KALI20183 artillery[482]: Starting Artillery... Ok
ago 28 15:12:49 KALI20183 systemd[1]: Started LSB: Artillery - Advanced threat intelligence.
running it on a VM (VMware fusion 10.1.3) as the latest kali image 2018.3:
Linux KALI20183 4.17.0-kali3-amd64 #1 SMP Debian 4.17.17-1kali1 (2018-08-21) x86_64 GNU/Linux
root@KALI20183:/etc# cat os-release
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
ID=kali
VERSION="2018.3"
VERSION_ID="2018.3"
ID_LIKE=debian
ANSI_COLOR="1;31"
HOME_URL="https://www.kali.org/"
SUPPORT_URL="https://forums.kali.org/"
BUG_REPORT_URL="https://bugs.kali.org/"
the only way to make it work properly is to uninstall and reinstalling it every time.
won't survive a reboot or anything else.
any ideas ? anyone else got the same issue ?
thanks in advance