Honeypots mailing list archives
Honeyd
From: "banuprasad samudrala" <sbprasad_2k () hotmail com>
Date: Sun, 10 Oct 2004 16:13:52 -0500
Interesting. I'd be interested in why pings don't work when the route config commands are there. Maybe send that question to the honeyd list and see if you get a response. Bob On Sun, Oct 10, 2004 at 02:24:00PM -0500, banuprasad samudrala wrote:
Hi bob, Eveb after adding set router default icmp action open it desn't work. When I type arp -n, there is no entry for 192.168.2.5. When i removed the commands route entry 192.168.2.5 route entry 192.168.2.5 link 192.168.3.0/24 I am able to ping the ips.. Thanks, prasad >From: Robert McMahon <bob () intotoinc com> >To: banuprasad samudrala <sbprasad_2k () hotmail com> >Subject: Re: Honeyd >Date: Sat, 9 Oct 2004 20:32:22 -0700 > >What happens if you add > >set router default icmp action open > >Also, is ARP working, i.e. do you see an arp (arp -n) >entry for 192.168.2.5? > >Bob > >On Sat, Oct 09, 2004 at 04:20:40PM -0500, banuprasad samudrala wrote: >> Hi bob, >>>> This is my configuration file, I able to ping ips 192.168.3.51-54 >except>> the entry router 192.168.2.5 >> >> ------------------------------------------------------- >> route entry 192.168.2.5 >> route 192.168.2.5 link 192.168.3.0/24 >> >> #windows NT4 web server >> create windows >> set windows personality "Windows NT 4.0 Server SP5-SP6" >> add windows tcp port 80 "perl scripts/iis-0.95/iisemul8.pl" >> add windows tcp port 139 open >> add windows tcp port 137 open >> add windows udp port 137 open >> add windows udp port 135 open >> set windows default tcp action reset >> set windows default udp action reset >> bind 192.168.3.51 windows >> >> ## Windows 2000 server >> create win2k >> set win2k personality "Windows 2000 server SP2" >> set win2k default tcp action reset >> set win2k default udp action reset >> set win2k default icmp action block >> set win2k uptime 3567 >> set win2k droprate in 13 >> add win2k tcp port 21 "sh scripts/win2k/msftp.sh $ipsrc $sport $ipdst >> $dport" >> add win2k tcp port 25 "sh scripts/win2k/exchange-smtp.sh $ipsrc $sport >> $ipdst $dport">> add win2k tcp port 80 "sh scripts/win2k/iis.sh $ipsrc $sport $ipdst >$dport">> add win2k tcp port 110 "sh scripts/win2k/exchange-pop3.sh $ipsrc $sport >> $ipdst $dport" >> add win2k tcp port 143 "sh scripts/win2k/exchange-imap.sh $ipsrc $sport >> $ipdst $dport" >> add win2k udp port 137 proxy $ipsrc:137 >> add win2k udp port 138 proxy $ipsrc:138 >> add win2k udp port 445 proxy $ipsrc:445 >> add win2k tcp port 137 proxy $ipsrc:137 >> add win2k tcp port 138 proxy $ipsrc:138 >> add win2k tcp port 139 proxy $ipsrc:139 >> add win2k tcp port 445 proxy $ipsrc:445 >> bind 192.168.3.52 win2k >> >> ##Cisco Router >> create router >> set router personality "Cisco IOS 11.3 - 12.0(11)" >> set router default tcp action reset >> set router default udp action reset >> add router tcp port 23 "/usr/bin/perl scripts/router-telnet.pl" >> add router udp port 80 open >> set router uid 32767 gid 32767 >> set router uptime 1327650 >> bind 192.168.2.5 router >> >> ##Linux >> create linux >> set linux personality "Linux 2.2.14" >> set linux default tcp action reset >> add linux tcp port 21 "sh /scripts/ftp.sh" >> add linux tcp port 23 "/usr/local/honeyd/scripts/telnet/faketelnet.pl" >> add linux tcp port 113 reset >> add linux tcp port 1 reset >> bind 192.168.3.53 linux >> bind 192.168.3.54 linux >> --------------------------------------------------------------------- >> >> I really dont know what is wrong.. >> >> Please help me.. >> >> Thanks, >> >> Prasad >> >> >> >From: Robert McMahon <bob () intotoinc com> >> >To: banuprasad samudrala <sbprasad_2k () hotmail com> >> >Subject: Re: Honeyd >> >Date: Sat, 9 Oct 2004 10:00:35 -0700 >> > >> >What did you bind 192.168.2.5 to? Your config below doesn't >> >have a name. Also, is the ICMP action set to OPEN for that >> >name, such as: >> > >> >create windows >> >set windows default icmp action open >> >bind 192.168.2.5 windows >> > >> >Bob >> > >> >On Fri, Oct 08, 2004 at 07:09:23PM -0500, banuprasad samudrala wrote: >> >> Hi, >> >> >> >> I am new to honeyd and having some problem when trying to ping the >> >virtual >> >> ip's >> >> >> >> configuration file >> >> --------------------- >> >> route entry 192.168.2.5 network 192.168.0.0/16 >> >> route 192.168.2.5 link 192.168.3.0/24 >> >> >> >> create windows >> >> ... >> >> >> >> .. >> >> >> >> bind 192.168.3.51 windows >> >> bind 192.168.3.52 windows >> >> >> >> create router >> >> ... >> >> >> >> >> >> .. >> >> bind 192.168.2.5 >> >> ---------------------------------------- >> >>>> >> I am using honeyd-linux-kit0.6. I have a LAN connected to SMC >broadband >> >> router(192.168.2.1) and LAN has 3 system 192.168.2.100, >192.168.2.101,>> >> 198.168.2.102. Honeyd is running on 192.168.2.100. >> >> >> >> started arpd : ./arpd 192.168.0.0/16 >> >> ./honeyd .....192.168.0.0/16 >> >>>> >> When I tried to ping 192.168.2.5 it says request timed out. But I get>> >> response when pinging 192.168.3.51 & 192.168.3.52. Is the problem >> >related >> >> setting routing tables on Linux. >> >> >> >> please help me. >> >> >> >> Thanks, >> >> >> >> prasad >> >> >> >> _________________________________________________________________ >> >> Express yourself instantly with MSN Messenger! Download today - it's >> >FREE! >> >> hthttp://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ >> >> _________________________________________________________________ >> Don?t just search. Find. Check out the new MSN Search! >> http://search.msn.click-url.com/go/onm00200636ave/direct/01/ _________________________________________________________________On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
_________________________________________________________________Get ready for school! Find articles, homework help and more in the Back to School Guide! http://special.msn.com/network/04backtoschool.armx
Current thread:
- Honeyd banuprasad samudrala (Oct 09)
- <Possible follow-ups>
- Honeyd banuprasad samudrala (Oct 10)