|
1 |
| -Artillery is a combination of a honeypot, monitoring tool, and alerting system. Eventually this will evolve into a hardening monitoring platform as well to detect insecure configurations from nix systems. It's relatively simple, run ```./setup.py``` and hit yes, this will install Artillery in ```/var/artillery``` and edit your ```/etc/init.d/rc.local``` to start artillery on boot up. |
| 1 | +Project Artillery has moved to https://github.com/BinaryDefense/artillery. |
2 | 2 |
|
3 |
| -### Features |
4 |
| - |
5 |
| -1. It sets up multiple common ports that are attacked. If someone connects to these ports, it blacklists them forever (to remove blacklisted ip's, remove them from ```/var/artillery/banlist.txt```) |
6 |
| - |
7 |
| -2. It monitors what folders you specify, by default it checks ```/var/www``` and ```/etc``` for modifications. |
8 |
| - |
9 |
| -3. It monitors the SSH logs and looks for brute force attempts. |
10 |
| - |
11 |
| -4. It will email you when attacks occur and let you know what the attack was. |
12 |
| - |
13 |
| -Be sure to edit the ```/var/artillery/config``` to turn on mail delivery, brute force attempt customizations, and what folders to monitor. |
14 |
| - |
15 |
| -### Bugs and enhancements |
16 |
| - |
17 |
| -For bug reports or enhancements, please open an issue here https://github.com/trustedsec/artillery/issues |
18 |
| - |
19 |
| -### Project structure |
20 |
| - |
21 |
| -For those technical folks you can find all of the code in the following structure: |
22 |
| - |
23 |
| -- ```src/core.py``` - main central code reuse for things shared between each module |
24 |
| -- ```src/monitor.py``` - main monitoring module for changes to the filesystem |
25 |
| -- ```src/ssh_monitor.py``` - main monitoring module for SSH brute forcing |
26 |
| -- ```src/honeypot.py``` - main module for honeypot detection |
27 |
| -- ```src/harden.py``` - check for basic hardening to the OS |
28 |
| -- ```database/integrity.data``` - main database for maintaining sha512 hashes of filesystem |
29 |
| -- ```setup.py``` - copies files to ```/var/artillery/``` then edits ```/etc/init.d/artillery``` to ensure artillery starts per each reboot |
30 |
| - |
31 |
| -### Supported platforms |
32 |
| - |
33 |
| -- Linux |
34 |
| -- Windows |
35 |
| - |
36 |
| - |
37 |
| -Project Artillery - A project by Binary Defense Systems (https://www.binarydefense.com). |
38 |
| - |
39 |
| -Binary Defense Systems (BDS) is a sister company of TrustedSec, LLC |
| 3 | +Visit there for the latest repository. |
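Review bot: On new line 1 the sentence-ending period is attached directly to the URL (`https://github.com/BinaryDefense/artillery.`), and some renderers will pull it into the link target; put the period after a space-separated or angle-bracketed URL, or drop it. The same hunk also deletes the issue-tracker pointer (old line 17) and the operational notes for existing installs (unbanning via `/var/artillery/banlist.txt`, enabling mail and folder monitoring in `/var/artillery/config`) without a replacement. Since anyone who installed from this repository will land on this README first, consider adding one line that says issues should be filed at the new location and that existing installs should be updated from there, rather than only "Visit there for the latest repository."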