Skip to content

Latest commit

 

History

History
48 lines (34 loc) · 1.24 KB

README.md

File metadata and controls

48 lines (34 loc) · 1.24 KB

dshield

DShield Raspberry Pi Sensor

This is a set of scripts to setup a Raspberry Pi as a DShield Sensor. In order to use the Raspberry Pi, you will need to first prepare it:

  • CHANGE THE DEFAULT SSH PASSWORD (better: use keys to authenticate)
  • expose the Pi to inbound traffic. For example, in many firewalls you will be able to configure it as a "DMZ Hosts"
  • update your Pi. The install script will do this as well, but it can take hours, so you are better off doing it first. To update:
sudo apt-get update
sudo apt-get upgrade
reboot

only on "Jessie Lite":

sudo apt-get install git

on all versions of Raspbian (including Jessie Light):

git clone https://github.com/DShield-ISC/dshield.git
sudo dshield/bin/install.sh

This script will:

  • enable firewall logging and submitting of logs to DShield
  • change your ssh server to listen on port 12222
  • install the ssh honeypot cowrie (TODO)
  • configure a default web server and submit logs to DShield (TODO)

Updates:

inside your "dshield" directory (the directory created above when you run "git clone"), run

git pull
sudo bin/install.sh

Configuration parameters like your API Key will be retained. To edit the configuration, edit /etc/dshield.conf