Debian
======================================

Tested Versions
---------------

* 7.2.0 64bit
* 6.0.7 64bit

This was tested on a minimal installation without desktop packages.

Installation
------------

Install dependencies:
::

    apt-get install git libsmi2ldbl smistrip libxslt1-dev python-dev libevent-dev

Debian 6 specific:
::

    apt-get install python-pip
    pip install argparse

The package snmp-mibs-downloader is non-free, so we have to install it manually. All of its dependencies are covered by installing smistrip. Get the package from here:
::

    wget $package_url
    dpkg -i $package_name

Alternatively, add "non-free" to /etc/apt/sources.list:
::

    deb http://ftp.nl.debian.org/debian squeeze main non-free

Then run
::

    apt-get update

followed by
::

    apt-get install snmp-mibs-downloader

The stable version of Conpot can be downloaded from PyPI:
::

    pip install conpot

The development version can be cloned from GitHub, but we need a modified modbus-tk first.
::

    cd /opt
    git clone https://github.com/mushorg/modbus-tk.git
    cd modbus-tk
    python setup.py install
    cd ..
    git clone https://github.com/mushorg/conpot.git
    cd conpot
    python setup.py install

Basic configuration
-------------------

Basic configuration options are provided in the default configuration file:
::

    [modbus]
    host = 0.0.0.0
    port = 502

    [snmp]
    host = 0.0.0.0
    port = 161

    [http]
    host = 0.0.0.0
    port = 80

    [sqlite]
    enabled = False

    [hpfriends]
    enabled = False
    host = hpfriends.honeycloud.net
    port = 20000
    ident = 3Ykf9Znv
    secret = 4nFRhpm44QkG9cvD
    channels = ["conpot.events", ]

    [fetch_public_ip]
    enabled = True
    url = http://api-sth01.exip.org/?call=ip

Please note that by enabling hpfriends your Conpot installation will automatically transmit attack data to The Honeynet Project. The fetch_public_ip option enables fetching the honeypot's public IP address from an external resource.

Example usage
--------------

::

    box$ conpot
    2013-04-12 16:09:25,620 Added slave with id 1.
    2013-04-12 16:09:25,621 Added block a to slave 1. (type=1, start=1, size=128)
    2013-04-12 16:09:25,622 Setting value at addr 1 to [random.randint(0,1) for b in range(0,128)].
    2013-04-12 16:09:25,623 Added block d to slave 2. (type=3, start=40001, size=8)
    2013-04-12 16:09:25,623 Conpot initialized using the S7-200 template.
    2013-04-12 16:09:25,623 Serving on: ('0.0.0.0', 502)
    2013-04-12 16:09:27,141 New connection from 127.0.0.1:61493. (b763654f-c9d8-45ae-b35a-824dfc220911)
    2013-04-12 16:09:27,141 Modbus traffic from 127.0.0.1: {'request_pdu': '0100010008', 'function_code': 1, 'slave_id': 1, 'response_pdu': '010132'} (b763654f-c9d8-45ae-b35a-824dfc220911)
    2013-04-12 16:09:27,142 Modbus traffic from 127.0.0.1: {'request_pdu': '0f0001000801ff', 'function_code': 15, 'slave_id': 1, 'response_pdu': '0f00010008'} (b763654f-c9d8-45ae-b35a-824dfc220911)
    2013-04-12 16:09:27,143 Modbus traffic from 127.0.0.1: {'request_pdu': '0100010008', 'function_code': 1, 'slave_id': 1, 'response_pdu': '0101ff'} (b763654f-c9d8-45ae-b35a-824dfc220911)
    2013-04-12 16:09:27,144 Client disconnected. (b763654f-c9d8-45ae-b35a-824dfc220911)
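
For triage of the "Modbus traffic" lines in the session output above, the following added example (not part of Conpot or its documentation) parses them and returns the requests that tried to change device state. It assumes the log line layout is exactly as in that sample; the function names are hypothetical and the write function codes are the standard Modbus ones.

```python
import ast
import re

# Constructed sample: three lines copied from the session output shown above.
SAMPLE_LOG = """\
2013-04-12 16:09:27,141 New connection from 127.0.0.1:61493. (b763654f-c9d8-45ae-b35a-824dfc220911)
2013-04-12 16:09:27,141 Modbus traffic from 127.0.0.1: {'request_pdu': '0100010008', 'function_code': 1, 'slave_id': 1, 'response_pdu': '010132'} (b763654f-c9d8-45ae-b35a-824dfc220911)
2013-04-12 16:09:27,142 Modbus traffic from 127.0.0.1: {'request_pdu': '0f0001000801ff', 'function_code': 15, 'slave_id': 1, 'response_pdu': '0f00010008'} (b763654f-c9d8-45ae-b35a-824dfc220911)
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) Modbus traffic from (?P<src>[^:]+): "
    r"(?P<event>\{.*\}) \((?P<session>[0-9a-f-]{36})\)$"
)
# Standard Modbus function codes that change coil or register state.
WRITE_CODES = {5: "Write Single Coil", 6: "Write Single Register",
               15: "Write Multiple Coils", 16: "Write Multiple Registers"}


def parse_modbus_events(log_text):
    """Yield one dict per well-formed 'Modbus traffic' line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        try:
            # literal_eval accepts only Python literals, so attacker-influenced
            # log content is never executed. Unmatched lines give event=None.
            event = ast.literal_eval(m["event"]) if m else None
            pdu = bytes.fromhex(event["request_pdu"])
        except (ValueError, SyntaxError, TypeError, KeyError):
            continue  # not a traffic line, or a malformed event
        event.update(ts=m["ts"], src=m["src"], session=m["session"])
        # For function codes 1-6, 15 and 16 the request PDU carries a 2-byte
        # address followed by a 2-byte quantity (or value), big-endian.
        if len(pdu) >= 5:
            event["address"] = int.from_bytes(pdu[1:3], "big")
            event["quantity_or_value"] = int.from_bytes(pdu[3:5], "big")
        yield event


def write_attempts(log_text):
    """Return the events whose function code modifies device state."""
    return [dict(e, operation=WRITE_CODES[e["function_code"]])
            for e in parse_modbus_events(log_text)
            if e.get("function_code") in WRITE_CODES]


if __name__ == "__main__":
    for e in write_attempts(SAMPLE_LOG):
        print(e["ts"], e["src"], e["session"], e["operation"], "addr", e["address"])
```

The session UUID in parentheses ties each write back to its "New connection" line, which carries the client's source port.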