Honeypots mailing list archives

Re: Keystroke Logger bash patch on honeynet.org

From: Edward Balas <ebalas () iu edu>
Date: Mon, 22 Mar 2004 14:50:49 -0500 (EST)

On Mon, 22 Mar 2004, Eric Hines wrote:

Edward,

Great to hear from you. Awesome tool.. We're talking about adding support to it
to the Applied Watch Command Center (http://www.appliedwatch.com)

Question, we can't seem to get it to compile on Redhat 7.3 honeypots.

Seems we are missing af_packet.c


[root@localhost sebek-linux-2.1.7]# uname -a
Linux localhost.localdomain 2.2.14-5.0smp #1 SMP Tue Mar 7 21:01:40 EST 2000
i686 unknown

[root@localhost sebek-linux-2.1.7]# make
cp /usr/src/linux-2.4/net/packet/af_packet.c .
cp: /usr/src/linux-2.4/net/packet/af_packet.c: No such file or directory
make: *** [af_packet.c] Error 1


Any ideas? Google produces nada..


As this is a kernel  module based tool, it requires the presence of the 
kernel source.  The source also must be configured properly, ie configured 
and at least a make dep has to be run.  

I have two guesses from the error messages above, the first is that
the kernel source is not installed, the second is that it is installed but
there is no symlink in /usr/src/ that points linux-2.4 to the specific 
instance of the source.

Edward

Current thread:

Keystroke Logger bash patch on honeynet.org Eric Hines (Mar 22)
- RE: Keystroke Logger bash patch on honeynet.org Jeff Dell (Mar 22)
- Re: Keystroke Logger bash patch on honeynet.org Thorsten Holz (Mar 22)
- <Possible follow-ups>
- RE: Keystroke Logger bash patch on honeynet.org Barnett, Ryan C. (Mar 22)
- Re: Keystroke Logger bash patch on honeynet.org Eric Hines (Mar 22)
  - Re: Keystroke Logger bash patch on honeynet.org Edward Balas (Mar 22)