Artillery on Kali Linux: HONEYPOT_BAN not working :( #19
Closed
Description
The function ssh_monitor() checks for existing log files to read, via if statements. For Debian it first checks the presence of auth.log (where sshd logs failures, default config on my Kali), which exists:

```python
if os.path.isfile("/var/log/auth.log"):
    fileopen1 = open("/var/log/auth.log", "r")
```

Shortly after, there is another Debian check for faillog:

```python
if os.path.isfile("/var/log/faillog"):
    fileopen1 = open("/var/log/faillog", "r")
```

which also exists, but from what I can tell, nothing logs there, as it is an empty file. Thus, artillery continues to read an empty file, and never blocks when attacked.
Commenting out the check for the faillog worked in fixing the problem for my situation. Not sure if some extra logic would be useful to solve this for others...
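The selection problem described in this issue, as an added example that is not part of the original report and is not Artillery's own code: the first function reproduces the "later check overwrites the earlier one" behaviour, the second is one possible fix that takes the first candidate that exists and is non-empty. The function names and the constructed log line are assumptions made for illustration.

```python
import os
import tempfile

# Candidate order mirrors the two Debian checks quoted in the issue.
DEBIAN_CANDIDATES = ["/var/log/auth.log", "/var/log/faillog"]


def pick_last_existing(candidates):
    """Behaviour reported in the issue: every later match replaces the earlier one."""
    chosen = None
    for path in candidates:
        if os.path.isfile(path):
            chosen = path
    return chosen


def pick_first_usable(candidates):
    """Hypothetical fix: first candidate that exists and actually has content."""
    for path in candidates:
        try:
            if os.path.isfile(path) and os.path.getsize(path) > 0:
                return path
        except OSError:
            continue  # unreadable or vanished between checks: try the next one
    return None  # caller should report "no usable SSH log" rather than stay silent


def demo():
    """Recreate the reporter's layout in a temp dir: populated auth.log, empty faillog."""
    with tempfile.TemporaryDirectory() as d:
        auth = os.path.join(d, "auth.log")
        fail = os.path.join(d, "faillog")
        with open(auth, "w") as f:
            # Constructed sample line, not taken from the issue.
            f.write("Jan  1 00:00:00 kali sshd[100]: Failed password for root "
                    "from 192.0.2.10 port 4242 ssh2\n")
        open(fail, "w").close()  # exists but is empty, as in the report
        buggy = pick_last_existing([auth, fail])
        fixed = pick_first_usable([auth, fail])
        return os.path.basename(buggy), os.path.basename(fixed)


if __name__ == "__main__":
    print(demo())
    print(pick_first_usable(DEBIAN_CANDIDATES))
```

Returning `None` when no candidate is usable lets the monitor log a warning at startup, which makes a silently inactive ban feature visible to the operator.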