kojreport

Section: Reports (1)
Updated: 0.0.3
Index Return to Main Contents
 

NAME

kojreport - Generate reports from the Kojoney Honeypot log files.  

SYNTAX

kojreport <log file> <traceroute> <nmap> <country>
 

DESCRIPTION

Kojreport is a shell script to generate plain text reports from the Kojoney Honeypot log files. The generated reports includes statistics about successfull and unsuccessfull logons logons with null passwords X11 forward requests, commands executeds when connected to the fake shell, intruder's ip addresses and country, etc...

Report is printed to STDOUT.  

OPTIONS

traceroute
Print the route packets take to network host. Possible values are 0 (disabled) and 1 (enabled).
nmap
Print nmap output take to network host. Possible values are 0 (disable) and 1 (enabled).
country
Resolve intruder's country using kip2country tool. Possible values are 0 (disable) and 1 (enabled).
 

EXAMPLES

The following are examples of how is the correct way to run the tool:

# kojreport /var/log/honeypot.log

Generates a normal report without traceroute and nmap output and without ip address to host resolution.

# kojreport /var/log/honeypot.log 0 0 1

Generates a normal report without traceroute and nmap output but with ip address to host resolution.

# kojreport /var/log/honeypot.log 1 0 1

Generates a report with traceroute output, without nmap output and with ip address to host resolution.
 

FILES

/var/log/honeypot.log - Common path to the Koret Honeypot log file.  

AUTHORS

Jose Antonio Coret <joxeankoret@yahoo.es>  

SEE ALSO

kip2country(1), kojreport-filter(1), traceroute(8), nmap(1).


 

Index

NAME
SYNTAX
DESCRIPTION
OPTIONS
EXAMPLES
FILES
AUTHORS
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 20:33:45 GMT, August 11, 2005