1. 4
    1. 6

      Seems like an awful lot of C for something that could be done with a 6 line shell script run by inetd.

      edit: not to denigrate the effort, but this feels overkill for something as simple as telnet :-)

      1. 5

        Most of it seems to be devoted to accurately reproducing the telnet negotiation protocol and providing the session with a secure chroot() jail.

      2. [Comment removed by author]

    2. 3

      What does it illustrate? That it can be done, or something else entirely?

      1. 2

        I think is a fun project. I always liked small tools written in C that do one thing well enough since you can use them and learn about the code in only a few minutes/hours.

    3. 3

      sshd equivalent of this would be interesing, I would deploy it on some of my VPSes and see what dictionaries my chinese friends are using ;)

      1. 2

        I never got around to it but thought about changing sshd code so that when PasswordAuthentication is not offered but the client sends a password anyway, that password is logged somewhere. (Bruceforce tools tend to not respect the protocol).

        1. 4

          You asked for it, you got it: https://github.com/desaster/kippo

          1. 1

            Thanks, but I was unclear. I don’t want to run dedicated honeypots. I just wanted to augment my production environment to indicate trends among attackers.

          2. 1

            It seems that kippo has a fork which is more complete, named Cowrie: http://www.micheloosterhof.com/cowrie/. It’s very nice, it even converts the tty logs to asciinema. Thanks!