Friday, October 22, 2010

Dionaea

I wouldn't say I am a honeypot guru. Far from it, but I am not a complete novice either. That being said, if you are replacing a product like nepenthes (which was very good IMO), the product you are replacing it with should be ready to roll.

Thanks to Andrew Waite for informing us of the Mercury-Live Honeypot DVD, because it's where I had first run dionaea. Figuring I'm not doing something right and being a hacker (the person who wants to figure things out and not the person who attacks other systems illegally), I decided to start from scratch. Could it be any more complicated?

Documentation is extremely limited. There is only a single page on the whole project. There is a blog that provides some useful information, but again very limited.

One thing I don't really care for is the requirement that dionaea be run as root. I see the reasoning behind it. Obviously binding to specific ports requires the access, but there are ways around it, and with all the configuration required I would think this is something to toss in there.
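The usual way around the root requirement, as an added Python example that is not dionaea's own code: the listener binds its privileged port while still root and then immediately switches to an unprivileged account, so everything that parses attacker traffic runs without root. The account name and the port are assumptions.

```python
import os
import pwd
import socket

# Assumption: an unprivileged account by this name exists on the host.
UNPRIVILEGED_USER = "nobody"


def running_as_root():
    """True when the effective uid is root (the only time a drop is needed)."""
    return os.geteuid() == 0


def bind_listener(port, host="0.0.0.0", backlog=64):
    """Bind and listen on a port. This is the only step that needs root
    for ports below 1024; the returned socket stays usable after the drop."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind((host, port))
    sock.listen(backlog)
    return sock


def drop_privileges(user=UNPRIVILEGED_USER):
    """Switch the process to an unprivileged uid/gid.
    Returns True if privileges were dropped, False if the process was not
    root to begin with (nothing to drop). Raises if root can be regained."""
    if not running_as_root():
        return False
    pw = pwd.getpwnam(user)
    os.setgroups([])          # clear supplementary groups first
    os.setgid(pw.pw_gid)      # gid before uid: after setuid we may not change gid
    os.setuid(pw.pw_uid)
    # Check the drop is permanent: switching back to root must be refused.
    try:
        os.setuid(0)
    except PermissionError:
        return True
    raise RuntimeError("privilege drop failed: root could be regained")


if __name__ == "__main__":
    # Constructed demo: bind a low port (assumed here: 80) as root, then drop.
    listener = bind_listener(80 if running_as_root() else 0, host="127.0.0.1")
    dropped = drop_privileges()
    print("listening on", listener.getsockname(), "dropped root:", dropped)
    listener.close()
```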

The requirement that Python3 be installed within the /opt/dionaea folder was another sticking point. I would think that there would be a better way to do this.

Even scripting the installation with updates would be nice. They have a complete step by step write up on the web page, but if someone took all that effort to write it up I would think it would be fairly simple to write an installation script. Not being a very good programmer I wouldn't know the first thing about doing it, but it could be done.

It would also be a nice option to allow the use of anything other than sqlite to store results.

OK, with all that basically rambled off, it seems fairly stable after install. I'm going to continue to play with it and see how much it takes to break.