Question 1

How does Artillery compare to Fail2ban for SSH protection?

Accepted Answer

Artillery includes SSH brute force detection similar to Fail2ban but integrates it with honeypot and filesystem monitoring for a broader defense. However, Fail2ban is more customizable and mature for SSH-specific scenarios, while Artillery offers a simpler, all-in-one approach.

Question 2

How to add custom directories for filesystem monitoring in Artillery?

Accepted Answer

Edit the config file at /var/artillery/config on Linux or the Windows equivalent, specify the directories under the monitoring section, and restart Artillery. The README mentions default folders like /etc, but you can expand this list as needed.

Question 3

Is Artillery still actively maintained in 2023?

Accepted Answer

The GitHub repository shows activity, but the README notes it's 'eventually' evolving into a hardening platform, suggesting development might be slow. Check the issue tracker for recent updates to gauge current maintenance.

Question 4

What ports does Artillery honeypot listen on by default?

Accepted Answer

Artillery sets up multiple common attack ports, though specific ports aren't listed in the README. Typically, it includes ports like 22 (SSH), 80 (HTTP), and 443 (HTTPS) based on common targets, but you can configure this in the settings.

Question 5

Can Artillery integrate with SIEM systems for logging?

Accepted Answer

No, Artillery lacks built-in integrations for SIEMs or centralized logging. It relies on email alerts and local log files, so you'd need to manually forward data or use external scripts for integration.

Question 6

How to uninstall Artillery from a Linux server?

Accepted Answer

To uninstall, stop the Artillery process, remove the installation directory (/var/artillery), delete its entry from /etc/init.d/rc.local, and clean up any remaining files. The README doesn't provide an automated uninstall script, so this is a manual process.

Artillery

What is Artillery?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions