Honeydrive_3 Basic Learning

20161219 08:51--09:30

This blog post records oneydrive_3_royal_jelly (1) System application as a whole and (2) introductory notes on initial preparation or related specific functions, and (3) basic use or fundamental theory.

First, the system application of the overall introduction

Reference: http://bruteforce.gr/honeydrive-3-royal-jelly-edition.html

Honeydrive isThe Premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS Edition installed.It contains over pre-installed and pre-configured honeypot software packagessuch as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf Web honeypot and Wordpot, Conpot scada/ics honeypot, Thug and Phoneyc honeyclients and more.Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data i T can capture, such as Kippo-graph, Honeyd-viz, Dionaeafr, an ELK stacks and much more.Lastly, almost well-known malware analysis, forensics and network monitoring related tools is also present in the Distribution.
2016121911:10--12:39

What is need to know (please READ):

1) honeydrive 3 have been created entirely from scratch. It's based on Xubuntu Desktop 12.04.4 LTS Edition and it's distributed as a standalone OVA file that can be easily impor Ted as a virtual machine using virtualization software such as VirtualBox and VMware.

2) All the Honeypot programs from the previous version of Honeydrive is included, while they has also been upgraded to T Heir latest versions and converted almost entirely to cloned git repos for easier maintenance and updating. This latter fact on its own could is considered reason enough to release the new version.

3) Many new Honeypot programs has been installed that really make honeydrive 3 "all" in terms of honeypot technology , plus around (!) new security related tools in the fields of malware analysis, forensics and network monitoring.

4) The main honeypot software packages and Bruteforce Lab ' s projects reside in/honeydrive. The rest of the programs reside in/opt. The location of all software can is found inside the README.txt file on the desktop.

5) Honeydrive 3 doesn ' t make itself as known to the outside world as the previous version. There was no descriptive messages and apart from Kippo-graph and honeyd-viz every other piece of software was not accessibl E from the outside (unless if you configure them otherwise, or even lock down kippo-graph and Honeyd-viz as well).

A Note on versioning:previous versions of honeydrive started with a zero (0.1 and 0.2) which seemed confusing to some. I didn ' t like it either and in the end I decided to "renumber" those as versions 1 and 2, essentially making this new vers Ion Honeydrive 3,. I.e the third official release.

Ii. introduction of initial preparation or related specific functions

Reference: Honeydrive 3 VMware Guide
Https://bruteforce.gr/honeydrive-3-vmware-guide.html

Here are a step by step guide for converting the Honeydrive 3 OVA file to a vmware-compatible virtual machine. The procedure should is the same for all of the other VMware products as well (Workstation, ESXi, etc). Instructions:

2.1 Honeydrive_3 Pre-preparation operations for use in VMware:

(1). Download OVF tool (: Download OVF tool 3.5.2 (needs a free account registration) From:https://my.vmware.com/web/vmware/detail s?downloadgroup=ovftool352&productid=352

(2). Install and run the OVF Tool to convert the OVA format file to the VMX format (convert honeydrive OVA to VMX)

(3). Import the VMX format file (Honey) into VMware by double-clicking the. vmx file (Import/open the new virtual machine by double clicking the. vmx files.).

(4). Uninstall VirtualBox Guest Additions (Inside the honeydrive virtual machine, open, in the terminal interface in honeydrive virtual machine) Terminator (on the desktop) and type the following to uninstall the VirtualBox guest additions):

$ sudo aptitude purge -P virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11

$ sudo reboot

（5）.Once Honeydrive is running again, click on "Virtual machine" –> "Install VMware Tools" from the menu. This would mount a virtual disk with VMware Tools. Open Terminator again and type:

$ cp/media/vmware\ tools/vmwaretools-<version>.tar.gz ~/
$ tar zxvf vmwaretools-<version>.tar.gz
$ CD Vmware-tools-distrib
$ sudo./vmware-install.pl-d
$ sudo reboot

That's it, enjoy honeydrive in vmware!

2.2 工序中，关于在windows中OVF Tool的使用

 关于详尽的ovf的信息，参考：https://www.vmware.com/support/developer/ovf/

 本次实践中，是在windows的dos终端界面使用的ovf tool。用法如下：

 （1）快捷键win+R打开“运行”交互界面输入“cmd”进入dos界面

 （2）命令行中输入 D:\software\vm-convert-tool\ovftool.exe --lax -st=ova D:\tmp\HoneyDrive_3_Royal_Jelly.ova D:\tmp2\HoneyDrive_3_Royal_Jelly.vmx，直接回车，即进入格式转换模式。如：

  650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/8B/BE/wKiom1hXZO7gqTFCAAC_A9fEd7A840.png-wh_500x0-wm_3-wmp_4-s_1540013149.png" title="QQ20161219122142.png" alt="wKiom1hXZO7gqTFCAAC_A9fEd7A840.png-wh_50" />


  650) this.width=650;" src="http://s1.51cto.com/wyfs02/M02/8B/BE/wKiom1hXa4KTx7J2AABrLOSkzLA686.png-wh_500x0-wm_3-wmp_4-s_2643951075.png" title="QQ20161219130834.png" alt="wKiom1hXa4KTx7J2AABrLOSkzLA686.png-wh_50" />





  650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/8B/BB/wKioL1hXa5qCzjAaAABaBieOj4k094.png-wh_500x0-wm_3-wmp_4-s_3865025738.png" title="QQ20161219130750.png" alt="wKioL1hXa5qCzjAaAABaBieOj4k094.png-wh_50" />

  备注：（1）关于命令中选项和参数的含义可以通过执行命令 D:\software\vm-convert-tool\ovftool.exe --help来了解。（2）命令中，D:\software\vm-convert-tool\ 是ovftool的安装路径，D:\tmp是存放HoneyDrive_3_Royal_Jelly.ova的路径， D:\tmp2是新建的空的用于存放转换vmx格式文件的路径。（3）上述命令行之所以要使用绝对路径，是因为该应用没有加入windows的全局环境配置，或说没有加入成功，关于win7中全局环境变量的配置参考如下链接（本次实践中没有配置成功）：

  OVFTool 4.1 vmdk格式换成OVF格式


http://blog.csdn.net/hanzheng260561728/article/details/51345481

Adding The OVF Tool to your Path environment Variable

The following instructions is for Windows 7, but the steps is similar on other Windows systems.
Right-click My Computer.
Select Properties.
Select Advanced system settings.
Select Environment Variables.
Highlight (SELECT) the Path variable from the System variable (lower) pane.
Click the Edit button and then type the path to the folder where you installed the OVF Tool (at the end of the existing PA TH).

2.3 Operations, import the VMX format file into VMware

By double-clicking the ". Vmx" file of the Honeydrive_3_royal, the HoneyDrive system nameHoneyDrive_3_Royal导入到vmware的虚拟机列表中，然后在vmware的虚拟机列表中选中该系统名称，单机菜单栏下方的“开启此客户机操作系统”绿色按钮就可以开启该操作系统。即是说，HoneyDrive_3应用套件是预安装在ubuntu操作系统中的，HoneyDrive_3_Royal_Jelly.ova文件是现成的组装好后生成的虚拟机文件（而不是需要先安装ubuntu系统而后手工将套件安装放置到ubuntu中），直接可以使用，只是为了在Vmware中使用所以要将其格式转换为vmx。

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M02/8B/BB/wKioL1hXd6DC_F73AACfZYSlaXE226.png-wh_500x0-wm_3 -wmp_4-s_3297874009.png "title=" Qq20161219140038.png "alt=" Wkiol1hxd6dc_f73aacfzyslaxe226.png-wh_50 "/>

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/8B/BB/wKioL1hXeBTj2yaZAANfJLENvQg089.png "title=" Qq20161219140234.png "alt=" Wkiol1hxebtj2yazaanfjlenvqg089.png "/>

This article is from the "magical Landscape" blog, please be sure to keep this source http://8603575.blog.51cto.com/8593575/1883929

Honeydrive_3 Basic Learning