about summary refs log tree commit diff
diff options
context:
space:
mode:
authorEmile <hanemile@protonmail.com>2020-01-27 21:23:38 +0100
committerEmile <hanemile@protonmail.com>2020-01-27 21:23:38 +0100
commita6268d3bb81efc8195c630e6b927c92cbcc4c385 (patch)
treeb505938bf2cfa1437d76a6eb3c3891893098bcd5
parentaaa876634ece2028b1ebaae59d631715a94f5c5d (diff)
propper readme
-rw-r--r--README.md62
1 files changed, 61 insertions, 1 deletions
diff --git a/README.md b/README.md
index d66df62..f4f6656 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,3 @@
-[![Go Report Card](https://goreportcard.com/badge/git.darknebu.la/honeysuite/ssh-grab-passwords-map)](https://goreportcard.com/report/git.darknebu.la/honeysuite/ssh-grab-passwords-map) [![Build Status](https://drone.darknebu.la/api/badges/honeysuite/ssh-grab-passwords-map/status.svg)](https://drone.darknebu.la/honeysuite/ssh-grab-passwords-map)
 
 # ssh-grab-passwords
 
@@ -7,3 +6,64 @@ Try to grab username/passwords. As simple as it sounds.
 ## Usage
 
 Simply run it. The executable takes no command line arguments
+
+# ssh-grab-passwords-map
+> A honeypot catching ssh login attempts exposing metrics for dislay using grafana and it's worldmap plugin
+
+[![Go Report Card](https://goreportcard.com/badge/git.darknebu.la/honeysuite/ssh-grab-passwords-map)](https://goreportcard.com/report/git.darknebu.la/honeysuite/ssh-grab-passwords-map) [![Build Status](https://drone.darknebu.la/api/badges/honeysuite/ssh-grab-passwords-map/status.svg)](https://drone.darknebu.la/honeysuite/ssh-grab-passwords-map)
+
+This honeypot catches login attempts into an ssh service it creates. The login attempts are logged and the country of the attacker is found out using the geo-ip provider [ip-api.com](https://ip-api.com). The data is exposed using an http server so that other services can use the exposed data.
+
+## Installation
+
+### Local
+
+Linux, Windows, OSX
+```sh
+$ go build ./...
+```
+
+### Docker
+
+The docker Image can be build like this:
+
+```
+$ docker build . -t ssh-grab-passwords-map
+```
+
+It can then be run like this:
+
+```
+$ docker run -p 8080:1234 -p 2222:2345 ssh-grab-passwords-map --httpPort 1234 --sshPort 2345
+```
+
+## Usage example
+
+The service can be used in combination with [Prometheus](https://prometheus.io) and [Gafana](https://grafana.com/). Prometheus works as a time-series database storing the data and Grafana is used to display it.
+
+The Grafana [worldmap plugin](https://github.com/grafana/worldmap-panel) can be used to display the attacks. In order to do this, it needs a custom location endpoint which is exposed by the `/location` endpoint.
+
+## Development setup
+
+TODO
+
+
+## Release History
+
+No releases yet...
+
+## Meta
+
+Emile – [@hanemile](https://twitter.com/hanemile)
+
+Distributed under the MIT license. See ``LICENSE`` for more information.
+
+[https://git.darknebu.la/honeysuite/ssh-grab-passwords-map](https://git.darknebu.la/honeysuite/ssh-grab-passwords-map)
+
+## Contributing
+
+1. Fork it (<https://git.darknebu.la/repo/fork/379>)
+2. Create your feature branch (`git checkout -b feature/fooBar`)
+3. Commit your changes (`git commit -am 'Add some fooBar'`)
+4. Push to the branch (`git push origin feature/fooBar`)
+5. Create a new Pull Request
\ No newline at end of file