Section: Reports (1)
Return to Main Contents
kojreport - Generate reports from the Kojoney Honeypot log files.
kojreport <log file> <traceroute> <nmap> <country>
Kojreport is a shell script to generate plain text reports from the Kojoney Honeypot log files. The generated reports includes statistics about successfull and unsuccessfull logons logons with null passwords X11 forward requests, commands executeds when connected to the fake shell, intruder's ip addresses and country, etc...
Report is printed to STDOUT.
Print the route packets take to network host. Possible values are 0 (disabled) and 1 (enabled).
Print nmap output take to network host. Possible values are 0 (disable) and 1 (enabled).
Resolve intruder's country using kip2country tool. Possible values are 0 (disable) and 1 (enabled).
The following are examples of how is the correct way to run the tool:
# kojreport /var/log/honeypot.log
Generates a normal report without traceroute and nmap output and without ip address to host resolution.
# kojreport /var/log/honeypot.log 0 0 1
Generates a normal report without traceroute and nmap output but with ip address to host resolution.
# kojreport /var/log/honeypot.log 1 0 1
Generates a report with traceroute output, without nmap output and with ip address to host resolution.
/var/log/honeypot.log - Common path to the Koret Honeypot log file.
Jose Antonio Coret <firstname.lastname@example.org>
kip2country(1), kojreport-filter(1), traceroute(8), nmap(1).
- SEE ALSO
This document was created by
using the manual pages.
Time: 20:33:45 GMT, August 11, 2005