-
Notifications
You must be signed in to change notification settings - Fork 278
In version 0.4, Kippo accepts both "root" and "123456" as the root passwords. This can be changed in kippo.tac.
In the current SVN version, as well as future releases, the only root password is "123456". However, additional root passwords can be added to data/pass.db by using the passwd command within the honeypot.
Research has shown that "123456" is the second most common attempted password, "root" being the most common. "123456" was chosen as the default password as it's the least suspicious of the two.
It's a good idea to only have one easy password set, as multiple successful logins by the same scanner might look suspicious.
Kippo is written in python, and doesn't call any external software, so it's probably somewhat secure.
However, kippo has not had any real security audit done on it, and it's definitely vulnerable to some DoS attacks, as there are no limits on how many people can connect to it, or how many files they can download.
It's my recommendation to run kippo in a well firewalled Virtual Machine.
Running a server that's available to the Internet - especially a honeypot such as Kippo - is not to be taken lightly. Even though Kippo is very easy to set up, if you don't understand 100% what is going on, honeypots are NOT for you.
By running kippo, you're virtually mooning the attackers. Just like in real life, doing something like that, you better know really well how to defend yourself!
Sorry, but I don't want to risk Kippo becoming a part of the problem that it's designed to fight against.