kojreport
Section: Reports (1)
Updated: 0.0.3
Index
Return to Main Contents
NAME
kojreport - Generate reports from the Kojoney Honeypot log files.
SYNTAX
kojreport <log file> <traceroute> <nmap> <country>
DESCRIPTION
Kojreport is a shell script to generate plain text reports from the Kojoney Honeypot log files. The generated reports includes statistics about successfull and unsuccessfull logons logons with null passwords X11 forward requests, commands executeds when connected to the fake shell, intruder's ip addresses and country, etc...
Report is printed to STDOUT.
OPTIONS
- traceroute
-
Print the route packets take to network host. Possible values are 0 (disabled) and 1 (enabled).
- nmap
-
Print nmap output take to network host. Possible values are 0 (disable) and 1 (enabled).
- country
-
Resolve intruder's country using kip2country tool. Possible values are 0 (disable) and 1 (enabled).
EXAMPLES
The following are examples of how is the correct way to run the tool:
# kojreport /var/log/honeypot.log
-
Generates a normal report without traceroute and nmap output and without ip address to host resolution.
# kojreport /var/log/honeypot.log 0 0 1
-
Generates a normal report without traceroute and nmap output but with ip address to host resolution.
# kojreport /var/log/honeypot.log 1 0 1
-
Generates a report with traceroute output, without nmap output and with ip address to host resolution.
FILES
/var/log/honeypot.log - Common path to the Koret Honeypot log file.
AUTHORS
Jose Antonio Coret <joxeankoret@yahoo.es>
SEE ALSO
kip2country(1), kojreport-filter(1), traceroute(8), nmap(1).
Index
- NAME
-
- SYNTAX
-
- DESCRIPTION
-
- OPTIONS
-
- EXAMPLES
-
- FILES
-
- AUTHORS
-
- SEE ALSO
-
This document was created by
man2html,
using the manual pages.
Time: 20:33:45 GMT, August 11, 2005