Honeypots mailing list archives

Re: Dmz single Ip


From: "Michael Anuzis" <michael_anuzis () hotmail com>
Date: Mon, 03 Mar 2003 18:03:59 -0500

You can't have both your firewall and your honeypot accept on port 22. If you want a honeypot accepting on 22, I have to suggest making sshd run on a different port on your firewall. It's not possible to have a real IP and a NAT'd IP both sharing a single port 22.

See the following paper I wrote:
http://www.lucidic.net/whitepapers/manuzis-2-22-2003.html
"Basic Methods of Allowing Access to Your Honeynet"



Michael Anuzis, CCNA
Network Security Consultant
http://www.anuzisnetworking.com
http://www.lucidic.net - The Distributed Honeypot Project





From: faysspv () bellsouth net
To: honeypots () securityfocus com
Subject: Dmz single Ip
Date: Mon, 03 Mar 2003 14:38:45 -0500

I've been kicking around the idea to set up a honeypot for some time.
The only problem is I'm not sure how to keep my current test network
running and implementing a honeypot.  The problem is I have only one
IP address and I need to be able to access my firewall and honeypot
from the same port 22.  Any suggestions would be appreciated.


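The arrangement discussed in this thread (port 22 on the single public IP forwarded to the honeypot, the firewall's own sshd moved to another port), as an added example that is not part of either message. It assumes a Linux firewall using iptables; the function name gen_rules, the interface eth0, the address 10.0.0.10 and the admin port 2222 are all constructed for illustration.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for one public IP where one
# TCP port is NAT'd to a honeypot and the firewall's own sshd listens elsewhere.
# Interface, addresses and ports are constructed assumptions. Merge the output
# with any existing LAN rules before loading it; nothing is applied here.

# gen_rules WAN_IF HONEYPOT_IP HONEYPOT_PORT ADMIN_PORT
gen_rules() {
    wan_if=$1; hp_ip=$2; hp_port=$3; admin_port=$4
    for p in "$hp_port" "$admin_port"; do
        case $p in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 2 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "invalid port: $p" >&2; return 2
        fi
    done
    # One public IP/port pair can be claimed once: either the firewall answers
    # it locally or it is NAT'd inward. Refuse a plan that asks for both.
    if [ "$hp_port" = "$admin_port" ]; then
        echo "conflict: port $hp_port cannot serve both firewall and honeypot" >&2
        return 1
    fi
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i $wan_if -p tcp --dport $hp_port -j DNAT --to-destination $hp_ip:$hp_port
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $wan_if -p tcp --dport $admin_port -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $wan_if -d $hp_ip -p tcp --dport $hp_port -j ACCEPT
COMMIT
EOF
}

# Constructed sample: honeypot 10.0.0.10 takes port 22; the firewall's sshd
# is assumed to be moved to 2222 ("Port 2222" in its sshd_config).
gen_rules eth0 10.0.0.10 22 2222
```

With the FORWARD policy set to DROP, the honeypot can answer inbound sessions but cannot open new outbound connections through the firewall.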

