RE: trouble with fake-snmp on honeyd

["Suen" <syek () student ecu edu au>]

Thanks Sushant,

For the sake of experimentation I went to town and chmoded my fake-snmp.pl
and my log directory with 777 permissions and that doesn't seem to fix the
problem :( 


Regards, Suen 


-----Original Message-----
From: Sushant Sinha [mailto:sushant () umich edu] 
Sent: Friday, 12 May 2006 10:09 PM
To: honeypots () securityfocus com
Subject: Re: trouble with fake-snmp on honeyd

check for file permissions .. honeyd by default drops root privilages and
runs as nobody:nobody.
So check whether fake_snmp.pl has execute permissions for "all" and the log
file has write permissions  by nobody:nobody.

-sushant.

On Thursday 11 May 2006 11:31 pm, Suen wrote:
> Hi All,
>
> I'm running honeyd with the fake snmp script provided. my config file 
> points an IP and personality to the right location of the script and I 
> have done buildSNMPConfig.pl with .snmp and default.snmp files at the
ready.
> Changed the dirs in fake-snmp.pl to match where the logfile and honeyd 
> confs are running from. Got my .pm files going okay and r/w 
> permissions set.
>
> This is what I get on honeyd when I try a copy router config from 
> another machine with the correct IPs and community and a no response 
> on the machine initiating the snmp set (192.168.1.2)
>
> honeyd[31673]: Connection: udp (192.168.1.2:33333 - 172.16.3.1:161)
> honeyd[31673]: Connection established: udp (192.168.1.2:33333 -
> 172.16.3.1:161) <-> usr/local/sbin/scripts/snmp/fake-snmp.pl
> honeyd[31673]: E(192.168.1.2:33333 - 172.16.3.1:161): honeyd:
> honeyd[31673]: E(192.168.1.2:33333 - 172.16.3.1:161): cmd_fork:
> execv(usr/local/sbin/scripts/snmp/fake-snmp.pl)
> honeyd[31673]: E(192.168.1.2:33333 - 172.16.3.1:161): :
> honeyd[31673]: E(192.168.1.2:33333 - 172.16.3.1:161): No such file or 
> directory ...
>
> Apart from these messages, my log file is not even logging anything. 
> Anyone with ideas what I can do from here?
> Thanks.
>
> Regards, Suen