Setting up the MHN honeypot management system and deploying honeypots

Installation

sudo apt-get install git -y
cd /opt/
sudo git clone https://github.com/threatstream/mhn.git
cd mhn/
sudo ./install.sh

Configuration

The defaults are fine. Remember the superuser email and password, because you will need them later.

===========================================================
MHN Configuration
===========================================================
Do you wish to run in Debug mode?: y/n n
Superuser email: YOUR_EMAIL@YOURSITE.COM
Superuser password:
Server base url ["http://XXXXX"]:
Honeymap url ["http://XXXXXXXX:3000"]:
Mail server address ["localhost"]:
Mail server port [25]:
Use TLS for email?: y/n n
Use SSL for email?: y/n n
Mail server username [""]:
Mail server password [""]:
Mail default sender [""]:
Path for log file ["XXXXXXXX/mhn.log"]:

After that, Splunk and ELK are optional and can be left unused.

You can check whether everything is running:

user@precise64:/opt/mhn/scripts$ sudo /etc/init.d/nginx status
* nginx is running
user@precise64:/opt/mhn/scripts$ sudo /etc/init.d/supervisor status
is running
user@precise64:/opt/mhn/scripts$ sudo supervisorctl status
geoloc RUNNING pid 31443, uptime 0:00:12
honeymap RUNNING pid 30826, uptime 0:08:54
hpfeeds-broker RUNNING pid 10089, uptime 0:36:42
mhn-celery-beat RUNNING pid 29909, uptime 0:18:41
mhn-celery-worker RUNNING pid 29910, uptime 0:18:41
mhn-collector RUNNING pid 7872, uptime 0:18:41
mhn-uwsgi RUNNING pid 29911, uptime 0:18:41
mnemosyne RUNNING pid 28173, uptime 0:30:08
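
The check above can be automated. The following script is an added example, not part of the original post or of MHN itself: it parses `supervisorctl status` output and reports any of the eight services from the listing above that is missing or not in the RUNNING state. The function names and the degraded sample listing are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: report MHN services that are missing or not RUNNING.

# Service names as they appear in the status listing in this post.
MHN_SERVICES="geoloc honeymap hpfeeds-broker mhn-celery-beat
mhn-celery-worker mhn-collector mhn-uwsgi mnemosyne"

# Reads `supervisorctl status` text on stdin; prints "<name> <state>" for
# every expected service that is absent or in any state other than RUNNING.
# The body runs in a subshell so its variables do not leak to the caller.
mhn_unhealthy() (
    status_text=$(cat)
    for name in $MHN_SERVICES; do
        # Column 1 is the program name, column 2 its state; match exactly.
        state=$(printf '%s\n' "$status_text" |
            awk -v n="$name" '$1 == n { print $2; exit }')
        if [ -z "$state" ]; then
            echo "$name MISSING"
        elif [ "$state" != "RUNNING" ]; then
            echo "$name $state"
        fi
    done
)

# Constructed sample (not real output): honeymap has crashed and
# mnemosyne is absent from the listing.
sample_degraded() {
    cat <<'EOF'
geoloc RUNNING pid 31443, uptime 0:00:12
honeymap FATAL Exited too quickly (process log may have details)
hpfeeds-broker RUNNING pid 10089, uptime 0:36:42
mhn-celery-beat RUNNING pid 29909, uptime 0:18:41
mhn-celery-worker RUNNING pid 29910, uptime 0:18:41
mhn-collector RUNNING pid 7872, uptime 0:18:41
mhn-uwsgi RUNNING pid 29911, uptime 0:18:41
EOF
}

# "--live" checks the real server; otherwise the constructed sample is used.
if [ "${1:-}" = "--live" ]; then
    sudo supervisorctl status | mhn_unhealthy
else
    sample_degraded | mhn_unhealthy   # prints: honeymap FATAL / mnemosyne MISSING
fi
```

An empty result means every expected service is RUNNING, so the script can be scheduled on the MHN server with `--live` and its output treated as an alert.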

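Deploying a honeypot on another machine

It is very simple:

  1. Log in to the MHN server (the machine we configured above; port 80 is fine)
  2. Click "Deploy"
  3. Select a honeypot type (for example "Ubuntu Dionaea").
  4. Copy the deploy command
  5. Log in to the server where the honeypot will be deployed and run the command as root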

Result
