Honeypots mailing list archives
honeyd config question
From: Earl <unorlist () yahoo com>
Date: Wed, 4 Aug 2004 13:10:42 -0700 (PDT)
This may sound dumb but is there a way to run a scrip on everything that hits a particular honeypot... Something like this: create mytemplate set mytemplate personality "BeOS 4 - 4.5" set mytemplate default tcp action reset set mytemplate default udp action reset set mytemplate default icmp action reset add mytemplate tcp port * "sh /scripts/blah.sh" add mytemplate udp port * "sh /scripts/blah.sh" bind w.x.y.z mytemplate Niels' syntax checking aborts when I try the above and I've tried everyting else I can think of to no avail. Should I be doing this with Python internal service scripts (especially considering potential overhead)? If so, does anyone have any samples I can cheat from? Thanks. Earl __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Current thread:
- honeyd config question Earl (Aug 04)
- Re: honeyd config question Niels Provos (Aug 04)