Honeypots mailing list archives
Honeyd-0.8 Wrong Respond fix
From: wan fat wu <thizthiz () yahoo com hk>
Date: Wed, 10 Mar 2004 15:48:13 +0800 (CST)
Hi All,

I have posted an email with the title "honeyd-0.8 wrong respond" before. I would like to add some more information for your reference. I have tried the patch from Niels Provos but it seems it doesn't work. What I mean is that nmap can't detect the OS. I have made some fixes but it still doesn't work. I have attached them so everyone can have a look, and everyone is welcome to give me comments. I hope that my fix can help.... I also included my full configuration of honeyd, the error log, the nmap result and my fixes. I found that some of the errors are because of the version of automake and autoconf. I would appreciate any help and comments. Also I need to thank Niels Provos for his previous patch.

Thanks a lot, everybody!

Best,
Fred

************CONFIG PROCEDURE ************************
[root@fred honeyd-0.8]# ./configure
[root@fred honeyd-0.8]# make
[root@fred honeyd-0.8]# make install

************FULL ERROR LOG FILE *********************
honeyd.c: In function `main':
honeyd.c:2727: warning: implicit declaration of function `setgroups'
lex.hyd.c:1601: warning: `yyunput' defined but not used
personality.c: In function `personality_parse':
personality.c:1229: warning: implicit declaration of function `isblank'
template.h: At top level:
personality.c:1519: warning: `print_xprobe_struct' defined but not used
pfctl_osfp.c: In function `pfctl_file_fingerprints':
pfctl_osfp.c:112: warning: implicit declaration of function `fgetln'
pfctl_osfp.c:112: warning: assignment makes pointer from integer without a cast
pyextend.c: In function `pyextend_readselector':
pyextend.c:180: warning: passing arg 3 of `pyextend_selector' discards qualifiers from pointer target type
pyextend.c: In function `pyextend_writeselector':
pyextend.c:192: warning: passing arg 3 of `pyextend_selector' discards qualifiers from pointer target type
/usr/lib/python2.2/config/libpython2.2.a(posixmodule.o)(.text+0x355e): In function `posix_tmpnam':
: the use of `tmpnam_r' is dangerous, better use `mkstemp'
/usr/lib/python2.2/config/libpython2.2.a(posixmodule.o)(.text+0x345b): In function `posix_tempnam':
: the use of `tempnam' is dangerous, better use `mkstemp'
./libtool: line 730: test: =: unary operator expected
./libtool: line 730: test: =: unary operator expected
./libtool: line 730: test: =: unary operator expected
./libtool: line 2709: test: =: unary operator expected
./libtool: line 2982: test: =: unary operator expected
WARNING: Using auxiliary files such as `acconfig.h', `config.h.bot'
WARNING: and `config.h.top', to define templates for `config.h.in'
WARNING: is deprecated and discouraged.
WARNING: Using the third argument of `AC_DEFINE' and
WARNING: `AC_DEFINE_UNQUOTED' allows to define a template without
WARNING: `acconfig.h':
WARNING: AC_DEFINE([NEED_MAIN], 1,
WARNING: [Define if a function `main' is needed.])
WARNING: More sophisticated templates can also be produced, see the
WARNING: documentation.
configure.in:20: warning: AC_PROG_LEX invoked multiple times
autoheader: `config.h.in' is updated

*************My fix on some files********************
My fix on honeyd.c
diff ./honeyd.c ../honeyd-0.8/honeyd.c
65d64
< #include <grp.h>

My fix on personality.c
[root@fred honey-fred-0.8-fix]# diff ./personality.c ../honeyd-0.8/personality.c
1198,1201d1197
< int isblank(char c)
< {
< return c == ' ' || c == '\t' ;
< }

My fix on pfctl_osfp.c
[root@fred honey-fred-0.8-fix]# diff ./honeyd.c ../honeyd-0.8/honeyd.c
65d64
< #include <grp.h>
diff pfctl_osfp.c ../honeyd-0.8/pfctl_osfp.c
97,100c97
< /*char *line;*/
< char bufline[4096];
< char *line = bufline ;
<
---
char *line;
115,117c112
< //while ((line = fgetln(in, &len)) != NULL) {
< while ( fgets( line, sizeof(line), in ) != NULL ) {
< len = strlen( line ) ;
---
while ((line = fgetln(in, &len)) != NULL) {
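Review bot: in the pfctl_osfp.c hunk 115,117c112, `sizeof(line)` is the size of the `char *` pointer (4 bytes on this i686 build), not of the 4096-byte `bufline`, so `fgets` returns at most 3 characters per call and every fingerprint line arrives in fragments; pass `bufline, sizeof(bufline)` instead. A line longer than the buffer would then still be split silently where `fgetln` handled any length, so checking that `line[len - 1] == '\n'` before using the line preserves the old behaviour.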
My fix on pyextend.c
[root@fred honey-fred-0.8-fix]# diff ./pyextend.c ../honeyd-0.8/pyextend.c
180c180
< return (pyextend_selector(args, &current_state->pread, "pyextend_readselector"));
---
return (pyextend_selector(args,
&current_state->pread, __func__));
192c192
< pValue = pyextend_selector(args, &state->pwrite, "pyextend_writeselector");
---
pValue = pyextend_selector(args,
&state->pwrite, __func__);

My fix on libtool
[root@fred honey-fred-0.8-fix]# diff ./libtool ../honeyd-0.8/libtool
730c730
< if test "$pic_mode" = no && test "$deplibs_check_method" != pass_all; then
---
if test $pic_mode = no && test
"$deplibs_check_method" != pass_all; then
2709c2709
< if test "$build_libtool_need_lc" = "yes"; then
---
if test $build_libtool_need_lc = "yes";
then
2982c2982
< if test "$hardcode_into_libs" = yes; then
---
if test $hardcode_into_libs = yes; then
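Review bot: the personality.c hunk 1198,1201d1197 defines `isblank` with a `char` parameter, whereas the C99 declaration in <ctype.h> takes an `int`; on a libc that does declare it, the definition conflicts and the build fails rather than merely warning. Wrap it in `#ifndef HAVE_ISBLANK` as `int isblank(int c)` and add `AC_CHECK_FUNCS([isblank])` to configure.in so it is compiled only where the system lacks the function.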
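Review bot: the pyextend.c hunks 180c180 and 192c192 replace `__func__` with string literals, which only hides the warning: the message says argument 3 of `pyextend_selector` discards qualifiers, i.e. the `const char *` that `__func__` is gets passed to a plain `char *` parameter. Change that parameter to `const char *` and keep `__func__`, since the value is only the caller's name.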
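Review bot: the libtool hunks 730c730, 2709c2709 and 2982c2982 quote variables that expand to empty, which is the right fix for the `test: =: unary operator expected` messages, but `libtool` is a script regenerated by `configure`, so the edit disappears on the next `./configure` run. Apply the quoting in the ltmain.sh/libtool.m4 that generate it, or regenerate with a newer libtool, so the fix survives.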
*****************honeyd.conf**********************
# Example of a simple host template and its binding
create default
set default personality "FreeBSD 2.2.1-STABLE"
set default default tcp action reset
add default tcp port 80 "sh scripts/web.sh"
add default tcp port 22 "sh scripts/test.sh"
add default tcp port 113 reset
add default tcp port 1 reset

create allopen
set allopen personality "NetBSD 1.5.2 running on a Commodore Amiga (68040 processor)"
set allopen default tcp action open
add allopen tcp port 80 "sh scripts/web.sh"
add allopen tcp port 113 reset
add allopen tcp port 1 reset

create template
set template personality "Check Point FireWall-1 4.0 SP-5 (IPSO build)"
add template tcp port 80 "sh scripts/web.sh"
add template tcp port 23 block
add template tcp port 22 "sh scripts/test.sh"
set template default tcp action reset
set template uid 32767

# Example of a simple host template and its binding
create win
set win personality "Microsoft Windows XP Professional SP1"
add win tcp port 22 "sh scripts/test.sh $ipsrc $dport"
set win default tcp action reset
add win tcp port 23 proxy $ipsrc:23
add win udp port 53 proxy 141.211.92.141:53
add win tcp port 80 "scripts/iis/main.pl"

create solaris
set solaris personality "Sun Solaris 2.6"
set solaris default tcp action reset
add solaris tcp port 80 "sh scripts/web.sh"
add solaris tcp port 22 "sh scripts/test.sh"
add solaris tcp port 161 "sh scripts/default.snmp"
add solaris tcp port 113 reset
add solaris tcp port 1 reset

bind 192.168.0.30 template
bind 192.168.0.40 allopen
bind 192.168.0.50 win
bind 192.168.0.60 solaris

***************RESULT************************
ARPD (I use xxxx for my MAC):
arpd[3660]: arpd_send: who-has 192.168.0.30 tell 192.168.0.121
arpd[3660]: arpd_send: who-has 192.168.0.30 tell 192.168.0.121
arpd[3660]: arpd_recv_cb: 192.168.0.30 still discovering (2)
arpd[3660]: arp reply 192.168.0.30 is-at xxxxx
arpd[3660]: arpd_lookup: 192.168.0.1 at xxxxx
arpd[3660]: arp reply 192.168.0.30 is-at xxxxx
arpd[3660]: arpd_lookup: 192.168.0.254 at xxxxx
arpd[3660]: arpd_recv_cb: 192.168.0.1 is allocated
arpd[3660]: arpd_recv_cb: 192.168.0.254 is allocated
arpd[3660]: arp reply 192.168.0.30 is-at xxxxx
arpd[3660]: arp reply 192.168.0.30 is-at xxxxx
arpd[3660]: arpd_recv_cb: 192.168.0.182 at xxxx
arpd[3660]: arpd_recv_cb: 192.168.0.254 is allocated
arpd[3660]: arp reply 192.168.0.30 is-at xxxxx
arpd[3660]: arp reply 192.168.0.30 is-at xxxxx

HONEYD (snapshot of the result):
honeyd[3662]: Connection request: tcp (192.168.0.120:61717 - 192.168.0.30:22)
honeyd[3662]: Connection dropped by reset: tcp (192.168.0.120:61717 - 192.168.0.30:22)
honeyd[3662]: Connection request: tcp (192.168.0.120:61718 - 192.168.0.30:22)
honeyd[3662]: Connection dropped by reset: tcp (192.168.0.120:61718 - 192.168.0.30:22)

NMAP RESULT
[root@fred TARBALL]# nmap -O 192.168.0.30

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on (192.168.0.30):
(The 1598 ports scanned but not shown below are in state: closed)
Port       State       Service
22/tcp     open        ssh
23/tcp     filtered    telnet
80/tcp     open        http
No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
SInfo(V=3.00%P=i686-pc-linux-gnu%D=3/11%Time=40500E40%O=22%C=1)
TSeq(Class=RI%gcd=1%SI=C391%IPID=I%TS=2HZ)
T1(Resp=Y%DF=N%W=4000%ACK=S++%Flags=AS%Ops=NNT)
T2(Resp=N)
T3(Resp=Y%DF=N%W=3E80%ACK=S++%Flags=AS%Ops=M)
T4(Resp=Y%DF=N%W=4000%ACK=O%Flags=R%Ops=)
T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
T7(Resp=N)
PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)

Uptime 1.033 days (since Wed Mar 10 14:11:05 2004)

Nmap run completed -- 1 IP address (1 host up) scanned in 32 seconds
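The nmap fingerprint in the post can be checked attribute by attribute against the entry honeyd is supposed to emulate for the personality bound to 192.168.0.30. The following Python is an added example, not code from the post or from honeyd: it parses nmap's `Test(Key=Val%...)` lines and lists every reference attribute the observed probe result fails. The reference entry is constructed for illustration and is not the real Check Point FireWall-1 entry from nmap's fingerprint file.

```python
import re

# Sample input: the nmap -O fingerprint from the post for 192.168.0.30.
OBSERVED = """\
TSeq(Class=RI%gcd=1%SI=C391%IPID=I%TS=2HZ)
T1(Resp=Y%DF=N%W=4000%ACK=S++%Flags=AS%Ops=NNT)
T2(Resp=N)
T3(Resp=Y%DF=N%W=3E80%ACK=S++%Flags=AS%Ops=M)
T4(Resp=Y%DF=N%W=4000%ACK=O%Flags=R%Ops=)
T7(Resp=N)
"""

# Constructed reference in nmap-os-fingerprints syntax ('|' = alternatives,
# a test without Resp= implies Resp=Y). NOT the real Check Point entry.
REFERENCE = """\
Fingerprint Constructed example personality
TSeq(Class=RI%IPID=I%TS=2HZ)
T1(DF=N%W=4000|8000%ACK=S++%Flags=AS%Ops=NNT)
T2(Resp=N)
T3(DF=N%W=4000%ACK=S++%Flags=AS%Ops=NNT)
T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
"""

LINE_RE = re.compile(r"^(\w+)\((.*)\)$")

def parse_fingerprint(text):
    """Map each Test(K=V%K=V...) line to {test: {attr: value}}."""
    tests = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # the 'Fingerprint ...' name line does not match and is skipped
            pairs = (p.partition("=") for p in m.group(2).split("%") if p)
            tests[m.group(1)] = {k: v for k, _, v in pairs}
    return tests

def compare(observed, reference):
    """Return (test, attr, expected, actual) for every reference attribute
    the observed fingerprint fails; any '|' alternative counts as a match."""
    obs, ref = parse_fingerprint(observed), parse_fingerprint(reference)
    mismatches = []
    for test, attrs in ref.items():
        got = obs.get(test, {})
        for key, exp in {"Resp": "Y", **attrs}.items():
            actual = got.get(key, "Y" if key == "Resp" else "")
            if actual not in exp.split("|"):
                mismatches.append((test, key, exp, actual))
            if key == "Resp" and actual == "N":
                break  # no reply, so the remaining attributes are not comparable
    return mismatches
```

Run against the post's result, the output points at T3 (window and options), T4 (window) and T7 (no reply at all), which is where the emulation departs from the reference.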