Honeypots mailing list archives
my sebek2 did not work
From: Fang Yong <fatb () security zz ha cn>
Date: 16 Jun 2003 00:32:57 -0000
Hi all I'm a newbie here,plz do me a favor I've downloaded Sebek-linux-2.0.1 and SebekSniff-2.0.1 source and extracted the source code and get them compiled successfully in a redhat 7.3 box,so get a file named sebek-linux-2.0.1-bin.tar I also extracted it and edited the sebek.sh with right info #----- sets destination IP for sebek packets DESTINATION_IP="xx.xx.xx.xx" #----- sets destination MAC addr for sebek packets DESTINATION_MAC="00:02:B3:94:58:04" #----- defines the destination udp port sebek sends to DESTINATION_PORT=1101 #----- controls what SRC MAC OUIs to hide from users #----- Only the first 3 octets are evaluated. FILTER_OUI="00:D0:09" #----- controls the output interface INTERFACE="eth0"; then I login another redhat7.3 box and compiled the sebeksniff and run it like this ./sebeksniff -i eth0 -p 1101 -l /home/me/log and then do something in the first linux box which installed the sebek,but the sebeksniff can get any info and find nothing in the /home/me/log dir :( I also use tcpdump to capture the udp port 1101,but got nothing the same Is there anybody faced the same problem the same with I did ? thanks in advance !!
Current thread:
- my sebek2 did not work Fang Yong (Jun 15)
- Re: my sebek2 did not work george chamales (Jun 16)
- Re: my sebek2 did not work fatb (Jun 16)
- Re: my sebek2 did not work Seth Arnold (Jun 16)
- Re: my sebek2 did not work fatb (Jun 16)
- Re: my sebek2 did not work Edward Balas (Jun 16)
- Re: my sebek2 did not work fatb (Jun 16)
- Re: my sebek2 did not work Edward Balas (Jun 17)
- Re: my sebek2 did not work fatb (Jun 16)
- Re: my sebek2 did not work george chamales (Jun 16)