Honeypots mailing list archives
RES: virtual honeynet with vmware
From: Henrique Issamu Terada <henrique.terada () cpm com br>
Date: Wed, 1 Oct 2003 15:23:24 -0300
GR, Did you add the route 192.168.172.X/24 in your hosts/routers at 129.157.178.X , pointing to the 129.157.178.X address of Redhat ?
_____________________________________ Henrique Issamu Terada, CCIE # 7460 IT Support - Open Network CPM S.A. - Tecnologia criando valor Tel.: 55 11 4196-0710 Fax: 55 11 4196-0900 henrique.terada () cpm com br www.cpm.com.br -------------------------------------------------------------------------- ------------------- Esta mensagem pode conter informação confidencial e/ou privilegiada. Se você não for o destinatário ou a pessoa autorizada a receber esta mensagem, não pode usar, copiar ou divulgar as informações nela contidas ou tomar qualquer ação baseada nessas informações. Se você recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperação. This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -----Mensagem original----- De: Guillaume Rix [SMTP:guillaume.rix () sun com] Enviada em: quarta-feira, 1 de outubro de 2003 03:59 Para: honeypots () securityfocus com Assunto: virtual honeynet with vmware Hi gang, I tried to implement a virtual honeynet GEN2 with Vmware. Here is my limited architecture : HostOS ( access with internet): ---------------------------------------- RedHat9 One physical interface eth0 eth0 Lien encap:Ethernet HWaddr 00:x6:xB:6x:x6:Dx inet adr:129.157.178.xxx Bcast:129.157.178.255 Masque:255.255.255.0 gateway : 129.157.178.1 One logical interface vmnet1 (Host-Only Networking with Vmware) vmnet1 Lien encap:Ethernet HWaddr 00:5x:x6:Cx:0x:0x inet adr:192.168.172.1 Bcast:192.168.172.255 Masque:255.255.255.0 GuestOS : ------------- OpenBSD3-3 ( ip=192.168.172.2 gateway=192.168.172.1) FreeBSD5-1r ( ip=192.168.172.3 gateway=192.168.172.1) Win2000Pro ( ip=192.168.172.4 gateway=192.168.172.1) Is this configuration correct (gateway, ip, etc ...) ? Here, before to use rc.firewall for the bridge mode, my GuestOS can't contact the network 129.157.178.0 but just the ip of the HostOS (129.157.178.xxx). Here is the principal configuration of my rc.firewall script : -------------------------------------------------------------------------- ---- PUBLIC_IP="192.168.172.2 192.168.172.3 192.168.172.4" INET_IFACE="eth0" LAN_IFACE="vmnet1" LAN_BCAST_ADDRESS="192.168.172.255" After I execute this script, I can't communicate with the external address from my HostOS with eth0. Am I impose to have two physical interfaces ? One eth0 for enter to the network 129.157.178.0, and another one eth1 for use with the bridge ? In fact, I am completly confuse here and here is what I want : Continue to use my HostOS for access to intranet (with my static IP 129.157.178.xxx) and internet. Build a virtual honeynet with vmware on a Host-Only Networking 192.168.172.0 For genII, I need to use the firewall in bridge mode. Allow to my GuestOS to acceed to the intranet 129.157.178.0 and more. Can I use a virtual IP for my bridge for keep my eth1 with the IP address 129.157.178.xxx ? I hope that my requests are not bad. Please help me to find a solution for this situation. Thanks in advance for your comments on this. GR --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.522 / Virus Database: 320 - Release Date: 29/09/2003
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.522 / Virus Database: 320 - Release Date: 29/09/2003
Current thread:
- RES: virtual honeynet with vmware Henrique Issamu Terada (Oct 01)