ITS 3250 - Securing Systems
Week 14: Artillery
This lesson explores tool suggestions from other students.
Our friend Devin provided this
link to a web page on GitHub.
According to the embedded documentation, Artillery serves
- It is supposed to act as a honeypot, a system monitor, and
an alerting system.
- It is supposed to work on Linux systems, as well as on
- It requires installation on a system on which you have
already installed Python, so do that if necessary.
- It opens multiple ports that are commonly attacked. If
someone connects to these ports, it blacklists them forever (to remove
blacklisted IP addresses, delete them from /var/artillery/banlist.txt).
- It monitors the folders you specify; by default it checks
/var/www and /etc for modifications.
- It monitors the SSH logs and looks for brute force attempts.
- It will email you when attacks occur and let you know what
the attack was.
- This week, I would like to have you download this product
(it has several components), install it, and test it.
- Use the Module 14 Discussion Board to discuss your download and
installation progress. At the very least, post that you have done both.
- Make a report about your experience downloading and
installing on at least one platform.
- Make an evaluation of the tool. Does it appear to work as
promised? Does it have any particular virtues or failures?
- Turn in your evaluation as Paper 7: Artillery. Including
the discussion board, this assignment is worth 100 points.
As noted in the documentation, this is a blue team/defensive
Feel free to make some observations about attacking a system that has