1 of 10

Cyber Lab

Spring 2024 - Week 6

https://l.acmcyber.com/s24-w6-lab

2 of 10

đź“Ł Announcements

  • 🤗Cyber Academy: xz Backdoor
    • Presented by Mark!
  • đźš©CTF IRL! Friday, May 10th @ 6pm on IM Field
    • RSVP Required: https://l.acmcyber.com/ctfirl
  • đź’» CSRF
    • Summer research project open to active members
    • Great if you don’t have an internship!
    • Signups open: https://l.acmcyber.com/csrf-24
  • 🏀 Cyber Basketball: Friday 6-8pm @ Hitch courts

3 of 10

Cowrie

4 of 10

Quick Definitions

SSH (Secure Shell) - Network protocol for network services. Used for remote access to systems and servers and for file transfers (i.e. seasnet)

Telnet - way to remotely control a computer or device over a network using text commands

Ex: remotely accessing a network router to change settings

5 of 10

Quick Definitions - Server Ports

Essentially a virtual doorway that allows SSH connections to between devices. Facilitates communication to servers and can act as a security mechanism by opening and closing ports with each port having a unique number (i.e port 22, 23, etc.).

6 of 10

Quick Definitions - Honey Pot

A honeypot is an intentionally compromised decoy system set up to lure hackers and other cyber criminals into a controlled environment to help server owners protect and monitor their systems.

7 of 10

So What is Cowrie?

Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. It functions as an SSH and telnet proxy to observe attacker behavior to another system by “listening” to a port.

8 of 10

DEMO

9 of 10

Applications

  • Can be used to protect against attacks
  • Able to track and log tactics and techniques used
  • Reverse Engineer downloads to the server
  • Analyze and learn from the attacks to improve security measures and to help mitigate potential attacks.

10 of 10

Questions?

Tutorial

Github Page