RE: Honeyd will only create logs for smtp and ftp

["Compton, Rich" <RCompton () chartercom com>]

Ok, I figured out why only those service scripts were logging traffic.  Only
those two have logging in the scripts that run!  So, before I go and write
my own scripts has anybody already done it?  (What can I say?  I'm lazy. :)

Is there a site that has a bunch of scripts simulating services?  Does
honeyd support more logging than just the src/dst and ip type like I see in
/var/log/honeyd?

Thanks,
Rich Compton

-----Original Message-----
From: Compton, Rich 
Sent: Monday, March 17, 2003 11:49 AM
To: honeypots () securityfocus com
Subject: Honeyd will only create logs for smtp and ftp


Does anybody know why honeyd will only create logs under /tmp/honeyd for
smtp and ftp?

Thanks in advance,
Rich Compton

Here's my honeyd.conf file:

------------------------------------------------------------

create template
set template default tcp action reset
set template default udp action reset
set template personality "Cisco IOS 11.3 - 12.0(11)"
add template tcp port 21 "sh /etc/honeyd/scripts/ftp.sh $ipsrc $dport"
#This doesn't really work!
#add template tcp port 22 "sh /etc/honeyd/scripts/test.sh $ipsrc $dport"
add template tcp port 23 "perl /etc/honeyd/scripts/router-telnet.pl $ipsrc
$dport"
add template tcp port 25 "sh /etc/honeyd/scripts/smtp.sh $ipsrc $sport"
add template tcp port 53 "sh /etc/honeyd/scripts/test.sh $ipsrc $dport"
#Too many traps!
#add template tcp port 80 "perl
/etc/honeyd/scripts/iisemulator-0.95/iisemul8.pl"
add template tcp port 110 "sh /etc/honeyd/scripts/test.sh $ipsrc $sport"
add template tcp port 443 "sh /etc/honeyd/scripts/web.sh"
#This would be to proxy the connection to another device
#add template tcp port 23 proxy $ipsrc:23
set template uid 32767 gid 32767
set template uptime 31337

bind 68.114.168.88 template

---------------------------------------------------------