After trying to build some nice graphs for the kippo-honeypot with PyCha I found

this little toolbox making things way better than I did:

kippo-graph Homepage (link fixed)

Here are the first results from my honeypot: (no live db-queries made, so Inputs
are not visible right now) Kippo-Stats


3 Responses to “kippo-graph”

  1. Ion says:

    Hello. Yes it’s a commonly downloaded file because as far as I remember it must be the only Microsoft file left that can be linked directly. So it’s a good way to measure the speed of the system. I have also seen cachefly’s 100MB file being downloaded which also serves the same purpose.

    BTW, everything has been moved to the new website, I see you have updated the link already 🙂

    Kippo-Graph has actually reached v0.6.3 so be sure to get the latest version.

    For any other info you can use my email as I don’t see a “notify me of follow-up comments by email” feature here…

  2. scooba says:

    Thank you for this comment. I will update kippo-graph in the next days and generate some new stats. In the meanwhile I had to delete several GB of downloaded stuff
    from the honeypot; those attackers just fill my server 🙂 Wondering why so many are downloading the same Windows-XP-SP3 – file or the same isolinux .. there must be a README.TXT or a HOWTOHACK-Manual somewhere describing this 🙂

  3. Ion says:

    Hello scooba. I’m glad that you found Kippo-Graph useful. It’s interesting to see that your honeypot has been attacked so much in only a matter of days. What I tend to notice is that after some days IPs seems to become “known” to attackers and activity drops. It would be interesting to share some details from Kippo-Input and Kippo-Geo components. FYI, Kippo-Graph 0.5.5 will be released today 🙂

