Honeypots mailing list archives

RES: virtual honeynet with vmware


From: Henrique Issamu Terada <henrique.terada () cpm com br>
Date: Wed, 1 Oct 2003 15:23:24 -0300

GR,

Did you add the route 192.168.172.X/24 in your hosts/routers at
129.157.178.X, pointing to the 129.157.178.X address of Redhat?

_____________________________________ 
Henrique Issamu Terada, CCIE # 7460
IT Support - Open Network
CPM S.A. - Tecnologia criando valor 
Tel.: 55 11 4196-0710
Fax: 55 11 4196-0900
henrique.terada () cpm com br
www.cpm.com.br


-----Original Message-----
From:         Guillaume Rix [SMTP:guillaume.rix () sun com]
Sent:         Wednesday, 1 October 2003 03:59
To:           honeypots () securityfocus com
Subject:      virtual honeynet with vmware

Hi gang,

I tried to implement a virtual honeynet GEN2 with VMware.
Here is my limited architecture:

HostOS (access with internet):
----------------------------------------

        RedHat9
        One physical interface eth0
        eth0      Lien encap:Ethernet  HWaddr 00:x6:xB:6x:x6:Dx
        inet adr:129.157.178.xxx  Bcast:129.157.178.255  Masque:255.255.255.0
        gateway : 129.157.178.1

        One logical interface vmnet1 (Host-Only Networking with VMware)
        vmnet1    Lien encap:Ethernet  HWaddr 00:5x:x6:Cx:0x:0x
        inet adr:192.168.172.1  Bcast:192.168.172.255  Masque:255.255.255.0


GuestOS :
-------------

       OpenBSD3-3 ( ip=192.168.172.2 gateway=192.168.172.1)
       FreeBSD5-1r ( ip=192.168.172.3 gateway=192.168.172.1)
       Win2000Pro ( ip=192.168.172.4 gateway=192.168.172.1)

Is this configuration correct (gateway, IP, etc.)?
Here, before using rc.firewall for the bridge mode, my GuestOS can't
contact the network 129.157.178.0, but
only the IP of the HostOS (129.157.178.xxx).

Here is the main configuration of my rc.firewall script:
------------------------------------------------------------------------------

PUBLIC_IP="192.168.172.2 192.168.172.3 192.168.172.4"
INET_IFACE="eth0"
LAN_IFACE="vmnet1"
LAN_BCAST_ADDRESS="192.168.172.255"

After I execute this script, I can't communicate with the external
address from my HostOS with eth0.
Am I required to have two physical interfaces?
One, eth0, to enter the network 129.157.178.0,
and another one, eth1, to use with the bridge?
In fact, I am completely confused here, and here is what I want:

Continue to use my HostOS for access to the intranet (with my static IP
129.157.178.xxx) and the internet.
Build a virtual honeynet with VMware on a Host-Only Networking
192.168.172.0.
For GenII, I need to use the firewall in bridge mode.
Allow my GuestOS to access the intranet 129.157.178.0 and more.
Can I use a virtual IP for my bridge in order to keep my eth1 with the IP
address 129.157.178.xxx?

I hope that my requests are not bad.
Please help me find a solution for this situation.
Thanks in advance for your comments on this.

GR
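
Added example, not part of either message above: a small routing-table model of the setup in this thread, showing where an intranet host sends its reply to a guest with and without the static route the reply asks about. Assumptions: the Red Hat host forwards IP between vmnet1 and eth0 without NAT; 129.157.178.50 stands in for the elided 129.157.178.xxx host address; 129.157.178.20 and the interface name if0 are constructed.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match. Returns (gateway, iface); gateway None means on-link."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in routes if dst in ipaddress.ip_network(r[0])]
    if not matches:
        return None
    best = max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
    return best[1], best[2]

# Constructed stand-ins (see lead-in); only the networks come from the thread.
REDHAT = "129.157.178.50"   # placeholder for 129.157.178.xxx on eth0
PEER = "129.157.178.20"     # some other host on the intranet
GUEST = "192.168.172.2"     # the OpenBSD guest

GUEST_ROUTES = [("192.168.172.0/24", None, "if0"),
                ("0.0.0.0/0", "192.168.172.1", "if0")]
REDHAT_ROUTES = [("129.157.178.0/24", None, "eth0"),
                 ("192.168.172.0/24", None, "vmnet1"),
                 ("0.0.0.0/0", "129.157.178.1", "eth0")]
PEER_ROUTES = [("129.157.178.0/24", None, "eth0"),
               ("0.0.0.0/0", "129.157.178.1", "eth0")]
# The route asked about in the reply: host-only network via the Red Hat host.
STATIC = ("192.168.172.0/24", REDHAT, "eth0")

def reply_gateway(peer_routes):
    """Gateway the intranet peer uses for its reply to the guest."""
    return next_hop(peer_routes, GUEST)[0]

def round_trip_ok(peer_routes):
    """True when both the request and the reply traverse the Red Hat host."""
    # Forward path: guest -> 192.168.172.1 (vmnet1) -> on-link delivery on eth0.
    fwd = (next_hop(GUEST_ROUTES, PEER)[0] == "192.168.172.1"
           and next_hop(REDHAT_ROUTES, PEER) == (None, "eth0"))
    # Return path: peer must hand the reply to the Red Hat host, which
    # delivers it on-link over vmnet1.
    ret = (reply_gateway(peer_routes) == REDHAT
           and next_hop(REDHAT_ROUTES, GUEST) == (None, "vmnet1"))
    return fwd and ret

if __name__ == "__main__":
    print("reply gateway without route:", reply_gateway(PEER_ROUTES))
    print("reply gateway with route:   ", reply_gateway(PEER_ROUTES + [STATIC]))
    print("round trip without route:", round_trip_ok(PEER_ROUTES))
    print("round trip with route:   ", round_trip_ok(PEER_ROUTES + [STATIC]))
```

The guests can still reach the host's own 129.157.178.xxx address in this model because the Red Hat host answers over its connected vmnet1 route and needs no help from other machines.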
