Project Artillery is an advanced active response tool for detecting
attackers before they have the chance to hit the rest of your network.
Project Artillery is an open-source Python-driven tool written purely in
native Python. The purpose of Artillery is to provide a combination of a
honeypot, file-system monitoring, system hardening, real-time threat
intelligence feeds, and overall health of a server to create a
comprehensive way to secure a system. Project Artillery was written to
be an addition to security on a server and make it very difficult for
attackers to penetrate a system. The concept is simple. Project
Artillery will monitor the filesystem looking for any type of change, if
one is detected, an email is sent to the server owner. If SSH brute
force attacks are detected, notifications will be sent to the server
owner, as well as ban the offending IP address.
Project Artillery has a built in threat intelligence feed that
automatically blocks attackers known from other sensors deployed around
the globe. The “Artillery Threat Intelligence Feed” (ATIF) is a number
of TrustedSec owned servers strategically deployed around the globe and
feeding real-time intelligence back to your Artillery installations.
This allows you to be on a defensive ground for already known attackers
prior to them ever hitting you. When Artillery is deployed, it contacts
TrustedSec’s central intelligence feed to pull multiple Artillery
sensors located around the globe into a realtime alerting system of
attacker IP addresses. The Artillery systems you install will
continuously pull the feeds in realtime and have coverage from attacker
addresses prior to them hitting you.
One of the most effective features is the honeypot aspects of Artillery.
Artillery will open a series of pre-defined ports that are commonly
attacked. For example 135/445 (RPC/SMB), 1433 (MSSQL), 5900 (VNC), and
many others. If an attacker attempts to port scan or connect to these
ports, a random sequence of random data is sent back to the attacker to
look as a strange protocol then bans the offending attacker. Using this
method on the Internet yielded over 973 blocked offenders within
leveraging it in a weeks timeframe
To download Project Artillery, you must utilize github and issue the following command:
Only you knw how to solve YOUR problem .... Coz no one is walking in your shoes
ConversionConversion EmoticonEmoticon