pgsqlpot 2.0.0__py2.py3-none-any.whl

pgsqlpot/data/docs/postgres/README.md

@@ -0,0 +1,184 @@
+# Sending the Output of the Honeypot to an PostgreSQL Database
+
+(For installation on Windows, see the corresponding [installation document](READMEWIN.md))
+
+- [Sending the Output of the Honeypot to an PostgreSQL Database](#sending-the-output-of-the-honeypot-to-an-postgresql-database)
+  - [Prerequisites](#prerequisites)
+  - [Installation](#installation)
+  - [PostgreSQL Database Creation](#postgresql-database-creation)
+  - [Honeypot Configuration](#honeypot-configuration)
+  - [Restart the honeypot](#restart-the-honeypot)
+
+## Prerequisites
+
+- Working honeypot installation
+- PostgreSQL
+
+## Installation
+
+When writing to an PostgreSQL database, the honeypot uses the free databases
+provided by MaxMind for the purpose of geoloacting the IP addresses.
+Start by installing the library necessary to work with these databases
+from an account that can sudo (i.e., not from the user `pgsqlpot`):
+
+```bash
+sudo add-apt-repository ppa:maxmind/ppa
+sudo apt-get update
+sudo apt-get install geoipupdate
+```
+
+Then, make sure that the PostgreSQL database and the `psql` command-line
+utility for managing it are installed:
+
+```bash
+sudo apt-get install postgresql-12 postgresql-client
+```
+
+Log in as the user `postgres` (the super-user in PostgreSQL) and create
+the honeypot-related database users, the database, and grant proper
+privileges to it to the users:
+
+```psql
+$ sudo su - postgres
+$ psql
+postgres=# create user pgsqlpot with password 'PASSWORD HERE';
+postgres=# create database pgsqlpot;
+postgres=# grant all privileges on database pgsqlpot to pgsqlpot;
+```
+
+(Make sure you specify a proper password that you want to use for the user
+`pgsqlpot` instead of 'PASSWORD HERE'.)
+
+If you're going to use a third-party tool for accessing the data from the
+database (e.g., [Grafana](https://www.grafana.com) for visualizing the data),
+it is advisable also to create a separate user that has read-only privileges
+to the database and have the third-party tool access the database as that
+user, so that in case the third-party tool contains some kind of vulnerability
+and is breached (and the attacker obtains the database user password from it),
+the attacker cannot modify the database:
+
+```psql
+postgres=# create user pgsqlpotReadOnly with password 'OTHER PASSWORD HERE';
+postgres=# grant select on database pgsqlpot to pgsqlpot;
+```
+
+(Make sure you specify a proper password that you want to use for the user
+`pgsqlpotReadOnly` instead of 'OTHER PASSWORD HERE'.)
+
+Finally, exit `psql`:
+
+```psql
+postgres=# \q
+```
+
+Now switch to the `pgsqlpot` user:
+
+```bash
+sudo su - pgsqlpot
+cd pgsqlpot
+```
+
+Go to the directory `data`, where the gelolocation databases will reside:
+
+```bash
+cd data
+```
+
+Create in this directory a file named `geoip.cfg` with the following contents:
+
+```geoip.cfg
+AccountID <ACCOUNT>
+LicenseKey <KEY>
+EditionIDs GeoLite2-City GeoLite2-ASN
+DatabaseDirectory /home/pgsqlpot/pgsqlpot-workdir/data
+LockFile /home/pgsqlpot/pgsqlpot-workdir/data/.geoipupdate.lock
+```
+
+Change the paths in the options `DatabaseDirectory` and `LockFile` if you
+have opted to use paths different from the ones suggested by the
+honeypot installation documentation. Make sure you replace `<ACCOUNT>`
+and `<KEY>` with the account and API key obtained from MaxMind.
+
+In order to be able to download the MaxMind geolocation databases (either
+manually or in an automated way), you need a (free) account at their site.
+You can create such an account [there](https://www.maxmind.com/en/geolite2/signup).
+Creating it involves choosing a user name and a password, providing some
+personal data like country of residence, industry in which you're working,
+intended use for their databases, an e-mail address, and also agreeing with
+their terms and conditions. Once the account is created, you can get your
+AccountID and LicenseKey from it.
+
+Download the latest version of the Maxmind geolocation databases:
+
+```bash
+geoipupdate -f geoip.cfg
+```
+
+To have the database updated automatically (it is updated on MaxMind's site
+every second Tuesday of each month, so download it every second Wednesday),
+create a crontab job (`crontab -e`) and enter the following:
+
+```crontab
+# Update the geoIP database at midnight on the 2nd Wednesday of each month:
+0 0 8-14 * * [ $(/bin/date +\%u) -eq 3 ] && /usr/bin/geoipupdate -f /home/pgsqlpot/pgsqlpot-workdir/data/geoip.cfg
+```
+
+Alternatively, if you already have the MaxMind geolocation databases installed
+and updated on your machine in some other place, use their respective paths in
+the `[output_postgres]` section of the file `honeypot.cfg`, as mentioned
+below.
+
+Finally, return to the main directory of the project:
+
+```bash
+cd ..
+```
+
+## PostgreSQL Database Creation
+
+The database is already created but it is completely empty. Now we have to
+specify its schema (tables and indexes):
+
+```bash
+psql -f docs/postgres/postgres.sql -W pgsqlpot pgsqlpot
+```
+
+You will be prompted for the password of the database user `pgsqlpot`.
+
+If your database does not reside on your local machine but is on some remote
+database server, use the options `-h host` and `-p port` of `psql` to
+specify how to connect to it.
+
+## Honeypot Configuration
+
+Add the following entries to the file `~/pgsqlpot-workdir/etc/honeypot.cfg`
+
+```honeypot.cfg
+[output_postgres]
+enabled = true
+debug = false
+host = localhost
+port = 5432
+username = pgsqlpot
+password = secret
+database = pgsqlpot
+# Whether to store geolocation data in the database
+geoip = true
+# Location of the databases used for geolocation
+geoip_citydb = data/GeoLite2-City.mmdb
+geoip_asndb = data/GeoLite2-ASN.mmdb
+```
+
+Make sure that you specify the correct information needed to connect to the
+database (the options `host`, `port`, `username`, and `password`) and that the
+options `geoip_citydb` and `geoip_asndb` point to the correct paths of the two
+MaxMind geolocation databases. Also, if you prefer to keep the PostgreSQL
+database under a different name, make sure that you specify its correct name
+with the `database` option.
+
+## Restart the honeypot
+
+```bash
+source ~/pgsqlpot-env/bin/activate
+pgsqlpot restart
+```

pgsqlpot/data/docs/postgres/READMEWIN.md

@@ -0,0 +1,196 @@
+# Sending the Output of the Honeypot to an PostgreSQL Database
+
+- [Sending the Output of the Honeypot to an PostgreSQL Database](#sending-the-output-of-the-honeypot-to-an-postgresql-database)
+  - [Prerequisites](#prerequisites)
+  - [Installation](#installation)
+  - [PostgreSQL Database Creation](#postgresql-database-creation)
+  - [Honeypot Configuration](#honeypot-configuration)
+  - [Restart the honeypot](#restart-the-honeypot)
+
+## Prerequisites
+
+- Working honeypot installation
+- PostgreSQL
+
+## Installation
+
+When writing to a PostgreSQL database, the honeypot uses the free databases
+provided by MaxMind for the purposes of geoloacting the IP addresses. Start by
+downloading the database update program for your particular kind of Windows from
+[GitHub](https://github.com/maxmind/geoipupdate/releases) and put it in a
+directory listed in the `PATH` variable of the environment.
+
+Create an account at the [MaxMind web
+site](https://support.maxmind.com/knowledge-base/articles/create-a-maxmind-account),
+log in, go to "My Account" and then to "Manage license keys". Write down the
+account ID, generate a license key, and copy it.
+
+Go to the directory `data`, where the gelolocation databases will reside:
+
+```powershell
+PS C:\> cd \pgsqlpot-workdir\data
+```
+
+Create in this directory a file named `geoip.cfg` with the following contents:
+
+```geoip.cfg
+AccountID <ACCOUNT>
+LicenseKey <KEY>
+EditionIDs GeoLite2-City GeoLite2-ASN
+DatabaseDirectory C:\pgsqlpot-workdir\data
+LockFile C:\pgsqlpot-workdir\data\.geoipupdate.lock
+```
+
+Change the paths in the options `DatabaseDirectory` and `LockFile` if you
+have opted to use paths different from the ones suggested by the
+honeypot installation documentation. Make sure you replace `<ACCOUNT>`
+and `<KEY>` with the account and license key obtained from MaxMind.
+
+Download the latest version of the Maxmind geolocation databases:
+
+```powershell
+PS C:\pgsqlpot-workdir\data> geoipupdate -f geoip.cfg
+```
+
+To have the database updated automatically (it is updated on MaxMind's site
+every second Tuesday of each month, so download it every second Wednesday),
+run the script `geoipupdtask.ps1` in the working directory:
+
+```powershell
+PS C:\pgsqlpot-workdir\data> ..\geoipupdtask.ps1 
+```
+
+It expects that the program `geoipupdate.exe` resides in one of the directories
+listed in the `PATH` variable of the environment, that the configuration file
+for it is named `geoip.cfg` and resides in the current directory, and that the
+updating task is to be run at 00:00. Also, it creates an updating task named
+`GeoIPUpdate`, which resides in the task folder `\` and has the description
+`GeoIP database updater`. You can change any of these parameters via
+command-line options to the script:
+
+```powershell
+PS C:\pgsqlpot-workdir\data> ..\geoipupdtask.ps1 -TaskName "My GeoIP Database Updater" -TaskPath "\MyTasks" -TaskDescription "Updates the GeoIP database" -RunTime "03:00:00" -geoipupdate "C:\Program File\geoipupdate\geoipupdate.exe" -geoipconfig "C:\pgsqlpot-workdir\data\geoip.cfg"
+```
+
+If you already have the MaxMind geolocation databases installed and updated on
+your machine in some other place, use their respective paths in the
+`[output_postgres]` section of the file `honeypot.cfg`, as mentioned below.
+
+Finally, return to the main working directory:
+
+```powershell
+PS C:\pgsqlpot-workdir\data> cd ..
+```
+
+## PostgreSQL Database Creation
+
+In order to access a PostgreSQL database from the command line on Windows, we
+need to install the command-line tools for this platform. Download the full
+package (datbase server, phpMyAdmin, etc.)
+[from here](https://sbp.enterprisedb.com/getfile.jsp?fileid=1259914), start the
+installer wizard and click the `Next` button. Specify the installation directory
+(e.g., `C:\Program Files\PostgreSQL`) and click the `Next` button. On the
+"Select Components" screen, uncheck everything except "Command Line Toos" (you
+can't uncheck them anyway) and click the `Next` button. Finally, on the next
+screen, click the `Next` button again to start the installation process.
+
+Once the installation is finished, open the Windows Settings, search for "env"
+and select "Edit environment variables for your account". Select the `Path`
+variable in the upper panel of the dialog that opens (or in the lower panel, if
+you want to make the command-line PostgreSQL client visible to all users), and
+click the `Edit` button. Then press the `New` button and add
+`%ProgramFiles%\PostgreSQL\bin` to the `Path` environmane variable. Finally,
+click `OK` to close all dialogs and exit the Windows Settings. Alternatively,
+you can do it via PowerShell like this:
+
+```powershell
+[System.Environment]::SetEnvironmentVariable("Path", $env:Path + ";%ProgramFiles%\PostgreSQL\bin", [System.EnvironmentVariableTarget]::User)
+```
+
+If you want the tools to be available to all users on the machine, instead of
+only to the current one, use `Machine` instead of `User` in the above command.
+However, you'll have to do this from a PowerShell prompt with `Administrator`
+privileges.
+
+Log in as the user `postgres` (the PostgreSQL administrator) and create the
+honeypot-related database users, the database, and grant proper privileges to it
+to the users:
+
+```psql
+PS C:\pgsqlpot-workdir> psql
+postgres=# create user pgsqlpot with password 'PASSWORD HERE';
+postgres=# create database pgsqlpot;
+postgres=# grant all privileges on database pgsqlpot to pgsqlpot;
+```
+
+(Make sure you specify a proper password that you want to use for the user
+`pgsqlpot` instead of 'PASSWORD HERE'.)
+
+If you're going to use a third-party tool for accessing the data from the
+database (e.g., [Grafana](https://www.grafana.com) for visualizing the data),
+it is advisable also to create a separate user that has read-only privileges
+to the database and have the third-party tool access the database as that
+user, so that in case the third-party tool contains some kind of vulnerability
+and is breached (and the attacker obtains the database user password from it),
+the attacker cannot modify the database:
+
+```psql
+postgres=# create user pgsqlpotReadOnly with password 'OTHER PASSWORD HERE';
+postgres=# grant select on database pgsqlpot to pgsqlpot;
+```
+
+(Make sure you specify a proper password that you want to use for the user
+`pgsqlpotReadOnly` instead of 'OTHER PASSWORD HERE'.)
+
+Finally, exit `psql`:
+
+```psql
+postgres=# \q
+```
+
+The database is already created but it is completely empty. Now we have to
+specify its schema (tables and indexes):
+
+```powershell
+PS C:\pgsqlpot-workdir> psql -f C:\pgsqlpot-workdir\docs\postgres\postgres.sql -W pgsqlpot pgsqlpot
+```
+
+You will be prompted for the password of the database user `pgsqlpot`.
+
+If your database does not reside on your local machine but is on some remote
+database server, use the options `-h host` and `-p port` of `psql` to specify
+how to connect to it.
+
+## Honeypot Configuration
+
+Add the following entries to the file `C:\pgsqlpot-workdir\etc\honeypot.cfg`
+
+```honeypot.cfg
+[output_postgres]
+enabled = true
+debug = false
+host = localhost
+port = 5432
+username = pgsqlpot
+password = secret
+database = pgsqlpot
+# Whether to store geolocation data in the database
+geoip = true
+# Location of the databases used for geolocation
+geoip_citydb = data/GeoLite2-City.mmdb
+geoip_asndb = data/GeoLite2-ASN.mmdb
+```
+
+Make sure that you specify the correct information needed to connect to the
+database (the options `host`, `port`, `username`, and `password`) and that the
+options `geoip_citydb` and `geoip_asndb` point to the correct paths of the two
+MaxMind geolocation databases. Also, if you prefer to keep the PostgreSQL
+database under a different name, make sure that you specify its correct name
+with the `database` option.
+
+## Restart the honeypot
+
+```powershell
+PS C:\pgsqlpot-workdir> C:\pgsqlpot-env\scripts\activate.ps1
+(pgsqlpot-env) PS C:\pgsqlpot-workdir> pgsqlpot restart
+```

pgsqlpot/data/docs/postgres/postgres.sql

@@ -0,0 +1,73 @@
+CREATE TABLE IF NOT EXISTS connections (
+  id SERIAL PRIMARY KEY,
+  sess_no VARCHAR(32) NOT NULL,
+  time_stamp TIMESTAMP DEFAULT NULL,
+  ip VARCHAR(15) DEFAULT NULL,
+  remote_port INTEGER DEFAULT NULL,
+  operation SMALLINT DEFAULT NULL,
+  local_host VARCHAR(15) DEFAULT NULL,
+  local_port INTEGER DEFAULT NULL,
+  sensor SMALLINT DEFAULT NULL
+);
+
+CREATE INDEX IF NOT EXISTS time_idx ON connections (time_stamp);
+CREATE INDEX IF NOT EXISTS ip_idx ON connections (ip);
+CREATE INDEX IF NOT EXISTS ip2_idx ON connections (time_stamp, ip);
+
+CREATE TABLE IF NOT EXISTS operations (
+  id SERIAL PRIMARY KEY,
+  op_name VARCHAR(63) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS credentials (
+  id SERIAL PRIMARY KEY,
+  sess_no VARCHAR(32) NOT NULL,
+  username SMALLINT DEFAULT NULL,
+  passwd SMALLINT DEFAULT NULL
+);
+
+CREATE TABLE IF NOT EXISTS usernames (
+  id SERIAL PRIMARY KEY,
+  username VARCHAR(255) DEFAULT NULL
+);
+
+CREATE TABLE IF NOT EXISTS passwords (
+  id SERIAL PRIMARY KEY,
+  passwd VARCHAR(255) DEFAULT NULL
+);
+
+CREATE TABLE IF NOT EXISTS variables (
+  id SERIAL PRIMARY KEY,
+  sess_no VARCHAR(32) NOT NULL,
+  var SMALLINT DEFAULT NULL,
+  val SMALLINT DEFAULT NULL
+);
+
+CREATE TABLE IF NOT EXISTS vars (
+  id SERIAL PRIMARY KEY,
+  var_name VARCHAR(255) DEFAULT NULL
+);
+
+CREATE TABLE IF NOT EXISTS var_values (
+  id SERIAL PRIMARY KEY,
+  var_value VARCHAR(255) DEFAULT NULL
+);
+
+CREATE TABLE IF NOT EXISTS sensors (
+  id SERIAL PRIMARY KEY,
+  sname VARCHAR(255) DEFAULT NULL
+);
+
+CREATE UNIQUE INDEX name_idx ON sensors (sname);
+
+CREATE TABLE IF NOT EXISTS geolocation (
+  id SERIAL PRIMARY KEY,
+  ip VARCHAR(15) DEFAULT NULL,
+  country_name VARCHAR(45) DEFAULT '',
+  country_iso_code VARCHAR(2) DEFAULT '',
+  city_name VARCHAR(128) DEFAULT '',
+  org VARCHAR(128) DEFAULT '',
+  org_asn INTEGER DEFAULT NULL
+);
+
+CREATE UNIQUE INDEX ip3_idx ON geolocation (ip);

pgsqlpot/data/docs/slack/README.md

@@ -0,0 +1,68 @@
+# Sending the output of the honeypot to a Slack channel
+
+This guide describes how to send the reports from the honeypot to a Slack
+channel.
+
+## Prerequisites
+
+- Working honeypot installation
+- A Slack account (workspace)
+
+## Create a channel for the honeypot's reports
+
+- Go to [Slack](https://slack.com) and log into your account (workspace) there.
+- Click the "LAUNCH SLACK" button. Slack will open in a new browser tab.
+- On the vertical planel on the left, click on the *right* side of the word
+  `Channels` and select **Create**->**Create channel** from the menu that
+  appears.
+- Enter some descriptive name, e.g., `pgsqlpot` in the field `Name` on the
+  dialog that appears.
+- Click the **Next** button.
+- Select the kind of channel you want - public or private on the dialog that
+  appears.
+- Click the **Create** button.
+
+## Create an app (bot)
+
+- Open a new browser tab and go to the URL
+  [https://api.slack.com/apps](https://api.slack.com/apps). You
+  have to do it manually; there doesn't seem to be a way to go there from
+  Slack's user interface.
+- Click on the big green **Create New App** button on the right.
+- Choose to create an app **From scratch** on the dialog that appears.
+- Enter the app name (e.g., `Honeypot Reporter`) and select your workspace,
+  then click on the **Create App** button. This will take you to the app
+  configuration page.
+- [OPTIONAL] In the dialog at the very bottom of the **Basic Information**
+  section, enter a short description for your bot (e.g., "Reports connections
+  to our honeypots"), choose a background color (e.g., `#2C2D30`; this field
+  cannot be empty), and choose an image (size must be between 512x512 and
+  2000x2000) for your bot's icon, then click the **Save Changes** button at
+  the bottom.
+- Go to the **OAuth & Permissions** section in the vertical bar on the right.
+- Near the bottom, in the **Scopes** section, click on the **Add an OAuth Scope**
+  button and select **chat:write** from the dialog that appears. Your bot does
+  not need any other permission.
+- A bit higher on the page (still on the **OAuth & Permissions** page), go
+  to the **OAuth Tokens for Your Workspace** section and click on the
+  **Install to Workspace** button. You'll be asked for confirmation; allow it.
+- A new field labeled **Bot User OAuth Token** will appear in the section
+  **OAuth Tokens for Your Workspace**. Copy it; you'll have to put it in the
+  honeypot's config file.
+
+## Add the bot to the channel
+
+- Go back to the browser tab with the Slack application.
+- Select the created channel `#pgsqlpot`.
+- Enter the command to invite your bot (`/invite @honeypot_reporter`) in the
+  area where you normally enter messages to be posted to the channel.
+
+## Configure the honeypot to use the bot
+
+- Uncomment the `[output_slack]` section in the file `honeypot.cfg`.
+- Set the variable `channel` to the name of the channel you created (e.g.,
+  `pgsqlpot`).
+- Set the variable `token` to the bot token you copied when creating the bot.
+- Set the variable `enabled` to `true`.
+- Save the file.
+- Launch the honeypot.

pgsqlpot/data/docs/sqlite3/README.md

@@ -0,0 +1,131 @@
+# Sending the Output of the Honeypot to an SQLite3 Database
+
+(For installation on Windows, see the corresponding [installation document](READMEWIN.md))
+
+- [Sending the Output of the Honeypot to an SQLite3 Database](#sending-the-output-of-the-honeypot-to-an-sqlite3-database)
+  - [Prerequisites](#prerequisites)
+  - [Installation](#installation)
+  - [SQLite3 Database Creation](#sqlite3-database-creation)
+  - [Honeypot Configuration](#honeypot-configuration)
+  - [Restart the honeypot](#restart-the-honeypot)
+
+## Prerequisites
+
+- Working honeypot installation
+- SQLite3 (Can be downloaded from the [official site](https://sqlite.org/download.html))
+
+## Installation
+
+When writing to an SQLite3 database, the honeypot uses the free databases
+provided by MaxMind for the purposes of geoloacting the IP addresses.
+Start by installing the library necessary to work with these databases
+from an account that can sudo (i.e., not from the user `pgsqlpot`):
+
+```bash
+sudo add-apt-repository ppa:maxmind/ppa
+sudo apt-get update
+sudo apt-get install sqlite3 geoipupdate
+```
+
+Now switch to the `pgsqlpot` user:
+
+```bash
+sudo su - pgsqlpot
+cd pgsqlpot-workdir
+```
+
+Go to the directory `data`, where the gelolocation databases will reside:
+
+```bash
+cd data
+```
+
+Create in this directory a file named `geoip.cfg` with the following contents:
+
+```geoip.cfg
+AccountID <ACCOUNT>
+LicenseKey <KEY>
+EditionIDs GeoLite2-City GeoLite2-ASN
+DatabaseDirectory /home/pgsqlpot/pgsqlpot-workdir/data
+LockFile /home/pgsqlpot/pgsqlpot-workdir/data/.geoipupdate.lock
+```
+
+Change the paths in the options `DatabaseDirectory` and `LockFile` if you
+have opted to use paths different from the ones suggested by the
+honeypot installation documentation. Make sure you replace `<ACCOUNT>`
+and `<KEY>` with the account and API key obtained from MaxMind.
+
+In order to be able to download the MaxMind geolocation databases (either
+manually or in an automated way), you need a (free) account at their site.
+You can create such an account [there](https://www.maxmind.com/en/geolite2/signup).
+Creating it involves choosing a user name and a password, providing some
+personal data like country of residence, industry in which you're working,
+intended use for their databases, an e-mail address, and also agreeing with
+their terms and conditions. Once the account is created, you can get your
+AccountID and LicenseKey from it.
+
+Download the latest version of the Maxmind geolocation databases:
+
+```bash
+geoipupdate -f geoip.cfg
+```
+
+To have the database updated automatically (it is updated on MaxMind's site
+every second Tuesday of each month, so download it every second Wednesday),
+create a crontab job (`crontab -e`) and enter the following:
+
+```crontab
+# Update the geoIP database at midnight on the 2nd Wednesday of each month:
+0 0 8-14 * * [ $(/bin/date +\%u) -eq 3 ] && /usr/bin/geoipupdate -f /home/pgsqlpot/pgsqlpot-workdir/data/geoip.cfg
+```
+
+Alternatively, if you already have the MaxMind geolocation databases installed
+and updated on your machine in some other place, use their respective paths in
+the `[output_sqlite]` section of the file `honeypot.cfg`, as mentioned
+below.
+
+Finally, return to the main directory of the project:
+
+```bash
+cd ..
+```
+
+## SQLite3 Database Creation
+
+First, create a database named `pgsqlpot.db`, residing in the `data` directory
+and based on the schema `docs/sqlite3/sqlite3.sql`:
+
+```bash
+sqlite3 ~/pgsqlpot-workdir/data/pgsqlpot.db < docs/sqlite3/sqlite3.sql
+```
+
+If you have opted on keeping the database elsewhere, use its proper path
+instead of `~/pgsqlpot-workdir/data/pgsqlpot.db`.
+
+## Honeypot Configuration
+
+Add the following entries to the file `~/pgsqlpot-workdir/etc/honeypot.cfg`
+
+```honeypot.cfg
+[output_sqlite]
+enabled = true
+debug = false
+db_file = data/pgsqlpot.db
+# Whether to store geolocation data in the database
+geoip = true
+# Location of the databases used for geolocation
+geoip_citydb = data/GeoLite2-City.mmdb
+geoip_asndb = data/GeoLite2-ASN.mmdb
+```
+
+Make sure the options `geoip_citydb` and `geoip_asndb` point to the correct
+paths of the two MaxMind geolocation databases. Also, if you prefer to keep
+the SQLite3 database elsewhere, make sure that you specify its correct path
+with the `db_file` option.
+
+## Restart the honeypot
+
+```bash
+source ~/pgsqlpot-env/bin/activate
+pgsqlpot restart
+```