Honeypots mailing list archives

Previous By Date Next
Previous By Thread Next

Walleye don't recognize sebek packet

From: "mng3 () libero it" <mng3 () libero it>
Date: Thu, 19 Oct 2006 18:50:33 +0200
Hi,
I have a little problem with Walleye (I use roo-1.0.hw-189 with one Windows honeypot).
In fact, Walleye show *only one* Sebek record when the honeypot starts.

So, Walleye don't show the other sebek packets: they are considered as they were normal traffic.
I.e., the Sebek packet's source IP is the IP of the Honeypot (source port = 1101), it's destination IP and port are the 
IP and port that I've chosen.
So, the buttons for get additional information on Sebek data are not displayed.

Of course, I've indicated to the Honeywall the destination IP and port that Sebek client use.

Thanks

Regards






------------------------------------------------------
Fino al 30% di risparmio + sconto extra del 10%. Scopri Direct Line con il preventivo gratuito, entro il 31 Ottobre!
http://click.libero.it/direct_line7
Previous By Date Next
Previous By Thread Next

Current thread: