Today I spent several hours attempting to install Dionaea on Ubuntu 14.04. I attempted to compile and install per the instructions on the website, but without any luck. Based on the success I had on the last project, I thought perhaps someone had already written a quick bash script to take the complexity out of this. I was able to find a few scripts, but none that worked out-of-the-box on 14.04. It seems as though no one has looked at this since 2012 since all the blogs, guides and scripts are written based on Ubuntu 11.10 or 12.04.
Andy Smith’s blog post seemed to be the most aligned with my goals, but did not work because apt-get could not find the “dionaea” package. Apparently this has been renamed to dionaea-phibo. I discovered this by reviewing a Modern Honey Network (MHN) project GitHub discussion. MHN looks like a pretty cool project to review another day.
In the end, getting dionaea operational on Ubuntu 14.04 is quick and easy:
    sudo apt-get update
    sudo apt-get install software-properties-common python-software-properties -y
    sudo add-apt-repository ppa:honeynet/nightly -y
    sudo apt-get update -y
    sudo apt-get install dionaea-phibo -y
    sudo service dionaea-phibo start
NOTE: Several times I’ve had to run “apt-get install dionaea-phibo” a second time. I believe the issue is that it won’t install until all dependencies are installed, which happens the first time you execute the installation. The second time it always takes. Weird, but that’s what I’ve noticed.
NOTE: If you’re running this on an Ubuntu VPS, you’ll also notice that rsyslog pegs the processor as it fills up the HDD by writing garbage to dionaea.log. Run these commands immediately after installation to fix the issue:
    service rsyslog stop
    sed -i -e 's/^$ModLoad imklog/#$ModLoad imklog/g' /etc/rsyslog.conf
    service rsyslog start
BOOM, it’s up and running. Don’t forget to configure the services (/etc/dionaea/dionaea.conf).
And lastly, as Tom comments below, you’ll want to update your logging settings in dionaea.conf to the level you require. It is set to “all” out of the box and will quickly fill your logs. Thanks Tom!
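
The install steps and the two NOTEs above, wrapped as a re-runnable script. This is an added example, not part of the original post: the function names `retry`, `disable_imklog` and `install_dionaea` and the `RETRY_DELAY` variable are hypothetical, and it assumes GNU sed and a root shell.

```shell
#!/bin/sh
# Added example: the post's steps as re-runnable functions. Run as root.

# retry MAX CMD...: run CMD until it succeeds, at most MAX attempts.
retry() {
    _max=$1; _n=1
    shift
    until "$@"; do
        if [ "$_n" -ge "$_max" ]; then
            echo "giving up after $_n attempts: $*" >&2
            return 1
        fi
        _n=$((_n + 1))
        sleep "${RETRY_DELAY:-2}"
    done
}

# disable_imklog CONF: comment out the imklog loader line in CONF.
# Returns 0 if CONF was changed (backup in CONF.bak), 1 if nothing to change.
disable_imklog() {
    grep -q '^\$ModLoad imklog' "$1" || return 1
    cp -p "$1" "$1.bak" || return 2
    sed -i -e 's/^\$ModLoad imklog/#$ModLoad imklog/' "$1"
}

install_dionaea() {
    [ "$(id -u)" -eq 0 ] || { echo "must run as root" >&2; return 1; }
    apt-get update || return 1
    apt-get install -y software-properties-common python-software-properties || return 1
    add-apt-repository -y ppa:honeynet/nightly || return 1
    apt-get update || return 1
    # The post notes the first install attempt often fails; retry it.
    retry 3 apt-get install -y dionaea-phibo || return 1
    # Restart rsyslog only if the config actually changed.
    if disable_imklog /etc/rsyslog.conf; then
        service rsyslog restart
    fi
    service dionaea-phibo start
}

# Only touch the system when explicitly asked to.
if [ "${1:-}" = "install" ]; then
    install_dionaea
fi
```

Saved under any name and run as root with the single argument `install`, it performs the whole procedure; running it again leaves an already-patched rsyslog.conf untouched.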