Re: newbi question

[Cabotse Aurélien <aurelien.cabotse () srt-poste fr>]

ravenlord a écrit:

> hi,
> ----- Original Message ----- 
> From: "Cabotse Aurélien" <aurelien.cabotse () srt-poste fr>
> To: <honeypots () securityfocus com>
> Sent: Wednesday, May 21, 2003 7:37 AM
> Subject: newbi question
>
>  
>
> > And when i scan the honeypot I obtain the original  O.S. and not the
> > honeypot
> >    
>
> my guest is you should run arpd first,
> and make sure 10.7.1.112 is not the host ip,
>
>
>
>
>  
Ok I made a mistake.
Now I emulate a new host IP 10.7.1.116 withn Windows NT on my debian 
10.7.1.112 in a LAN network 10.0.0.0/8
       create template   
       set template personality "Windows NT 4.0 Server SP5-SP6"
       set template default tcp action reset
       set template default udp action reset
       add template tcp port 80 "perl scripts/iisemulator-0.95/iisemul8.pl"
       add template tcp port 139 open
       add template tcp port 137 open
       add template udp port 137 open
       add template udp port 135 open
       set template  uptime 3284460
       bind 10.7.1.116 template
I  run
   #arpd 10.7.1.116
then run  
   # honeyd -p nmap.prints -f /etc/honeyd/honeyd.conf -a nmap.assoc  
10.7.1.116
- Connecting to Tcp prelude Manager server 10.3.3.224:5554.
- SSL authentication succeed with Prelude Manager.
honeyd[1524]: listening on eth0: ip and (dst 10.7.1.116) and not ether 
src 00:60:b0:67:89:93

And nothing append when I do a scan or a ping
I don't known what is wrong

--
Aurélien Cabotse