ITS 3250 - Securing Systems

Week 14: Artillery

This lesson explores tool suggestions from other students.

Concepts:

Our friend Devin provided this link to a web page on GitHub: https://github.com/BinaryDefense/artillery

According to the embedded documentation, Artillery serves several purposes.

  • It is supposed to act as a honeypot, a system monitor, and an alerting system.
  • It is supposed to work on Linux systems, as well as on Windows systems.
  • It requires installation on a system on which you have already installed Python, so do that if necessary.
  • It sets up multiple common ports that are attacked. If someone connects to these ports, it blacklists them forever. (To remove blacklisted IPs, remove them from /var/artillery/banlist.txt.)
  • It monitors the folders you specify; by default it checks /var/www and /etc for modifications.
  • It monitors the SSH logs and looks for brute force attempts.
  • It will email you when attacks occur and let you know what the attack was.
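
An added example, not part of Artillery or of this course page: a small Python helper for the unban step in the list above, which is handy after you test the honeypot ports from your own machine. It assumes the ban list holds one address per line with `#` comment lines, and it only edits the file; the function names are made up for this example.

```python
import ipaddress
import os
import sys
import tempfile

BANLIST = "/var/artillery/banlist.txt"  # path given on the course page


def parse_entry(line):
    """Return the address on this line as a network object, or None."""
    text = line.strip()
    if not text or text.startswith("#"):  # assumed comment/blank format
        return None
    try:
        return ipaddress.ip_network(text, strict=False)
    except ValueError:
        return None  # leave lines we cannot parse untouched


def unban(path, address):
    """Drop entries equal to `address`; return the number of lines removed."""
    target = ipaddress.ip_network(address, strict=False)  # rejects bad input
    with open(path, encoding="utf-8") as fh:
        lines = fh.readlines()
    # Compare parsed addresses, not text: removing 10.0.0.5 must keep 10.0.0.50.
    kept = [ln for ln in lines if parse_entry(ln) != target]
    removed = len(lines) - len(kept)
    if removed:
        # Write a temp file beside the original and rename it into place.
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
        with os.fdopen(fd, "w", encoding="utf-8") as out:
            out.writelines(kept)
        os.chmod(tmp, os.stat(path).st_mode & 0o777)
        os.replace(tmp, path)
    return removed


def demo():
    sample = "# constructed sample ban list\n10.0.0.5\n10.0.0.50\n192.0.2.7\n"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "banlist.txt")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(sample)
        count = unban(path, "10.0.0.5")
        with open(path, encoding="utf-8") as fh:
            return count, fh.read()

if __name__ == "__main__":
    print(unban(BANLIST, sys.argv[1]) if len(sys.argv) > 1 else demo())
```

Run it with the address as the only argument to edit the real ban list; with no argument it runs the constructed demo.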

Assignment:

  1. This week, I would like to have you download this product (it has several components), install it, and test it.
  2. Use Module 14 Discussion Board to discuss your download and installation progress. At the very least, post that you have done both.
  3. Make a report about your experience downloading and installing on at least one platform.
  4. Make an evaluation of the tool. Does it appear to work as promised? Does it have any particular virtues or failures?
  5. Turn in your evaluation as Paper 7: Artillery. Including the discussion board, this assignment is worth 100 points.

As noted in the documentation, this is a blue team/defensive tool. Feel free to make some observations about attacking a system that has this installed.

 
