New release for the web honeypot application Glastopf, this is a low interaction honeypot that will emulate vulnerable web server to detect intrusion against websites. the application is open source and have vulnerabilities that can help you in finding any malicious IP tries to compromise your webserver.
Logs produced by honeypots are important to find if there is a scan targeting your facilities so you can prevent these attacks. this beside that it will improve the security with having logs for any SQL based attacks that are launched by a malicious IP. the release include the following improvement:
- Fixed surf cert IDS logger (Issue #140).
- Syslog logger now outputs sensor host/port instead of the attacker supplied HOST header.
- Added STIX/TAXII logger .
- Detection of SQLi attempts are now done using Libinjection from Client9.
- Various minor improvements and bugfixes.
- Attack surface now customizable.
- Not backwards compatible with Glastopf 3.0.8
- Fixed delay while bootstrapping the dork database.
Current version is Glastopf 3.1.2 and you can download it on the following link: https://github.com/glastopf/glastopf