frameloss
frameloss

2 min read - Posted 17 Feb 19

Geth RPC-API Attack Logger

Project Name

Geth RPC-API Attack Logger (graal?)

Project Tagline/Description (140 Characters Max. Will be used on table card for judging)

An Ethereum RPC-API medium-interaction honeypot for gathering attack information.

Team Members.

  • Todd Garrison
  • Marcus Tetreault
  • Cameron Merrick

Status.im ID

Detailed Project Description (no more than 3-4 sentences)

At some point many of us have left an RPC-API port open, perhaps by accident, or just out of curiosity. This is a project to assist in gathering data around what attacks take place when that happens, including the IP addresses involved, and the destination addresses the attackers use.

Describe your tech stack (e.g., protocols, languages, API’s, etc.)

  • Docker is used to start a geth light client, and a custom proxy.
  • The proxy is a simple golang service that provides logging, uses a kvs (bboltdb) to keep a running count of request types, and rewrites a few API calls that attackers find enticing, such as having an unlocked wallet.
  • The logs are intended to be ingested into elasticsearch for more analysis.
  • A simple stats.json file is created by the proxy, with the intent that this could be pushed into s3. This json file drives a (very simple) vue2 dashboard to show information about what IP addresses, what RPC methods, or the destination addresses for attempted outgoing transfers.

Track: Open

No bounties

https://github.com/frameloss/ethdenver2019

Created with Sketch.Content is"CC-BY-SA 4.0" licensed
Article On-chain
Article Author
frameloss

Todd Garrison

1

0

0

0 Comments
Related Articles
CypherPress

Project Name CypherPress Project Tagline/Description (140 Characters Max. Will be used on table card for judging) A white-labelled framework to build decentralised databases on IPFS with a layer or privacy( powered by NuCypher) Team Members. First and Last Names Pranav Singhal Arvind Kalra Status.im ID for Each Team Member (we will use this to contact you and your team) https://get.status.im/user/0x04cd7b4bdbe79949156b8bcfd502f18a421c38bfecb4c5017d2119eaf1c291c1314281dd708c28e29370ee024a7e6477a4

ETH Dev Tools

Project Name ETH Dev Tools Note - we are pursuing work on this project and plan to release something on the Chrome store soon - sign up to be notified when its ready! - https://goo.gl/forms/ueRQA2NKt5c7KeIj1 Project Tagline/Description (140 Characters Max. Will be used on table card for judging) A chrome dev tools plugin with multiple modules to let users monitor and to help smart contract developers debug directly from their dapps. Team Members. First and Last Names Aidan Musnitzky Billy Rennek