Honeypots mailing list archives
Re: newbi question
From: Cabotse Aurélien <aurelien.cabotse () srt-poste fr>
Date: Thu, 22 May 2003 10:45:45 +0200
ravenlord a écrit:
hi,----- Original Message ----- From: "Cabotse Aurélien" <aurelien.cabotse () srt-poste fr>To: <honeypots () securityfocus com> Sent: Wednesday, May 21, 2003 7:37 AM Subject: newbi questionAnd when i scan the honeypot I obtain the original O.S. and not the honeypotmy guest is you should run arpd first, and make sure 10.7.1.112 is not the host ip,
Ok I made a mistake.Now I emulate a new host IP 10.7.1.116 withn Windows NT on my debian 10.7.1.112 in a LAN network 10.0.0.0/8 create template set template personality "Windows NT 4.0 Server SP5-SP6"
set template default tcp action reset set template default udp action reset add template tcp port 80 "perl scripts/iisemulator-0.95/iisemul8.pl" add template tcp port 139 open add template tcp port 137 open add template udp port 137 open add template udp port 135 open set template uptime 3284460 bind 10.7.1.116 template I run #arpd 10.7.1.116then run # honeyd -p nmap.prints -f /etc/honeyd/honeyd.conf -a nmap.assoc 10.7.1.116
- Connecting to Tcp prelude Manager server 10.3.3.224:5554. - SSL authentication succeed with Prelude Manager.honeyd[1524]: listening on eth0: ip and (dst 10.7.1.116) and not ether src 00:60:b0:67:89:93
And nothing append when I do a scan or a ping I don't known what is wrong -- Aurélien Cabotse
Current thread:
- newbi question Cabotse Aurélien (May 21)
- Re: newbi question Fabian Bieker (May 22)
- Re: newbi question Cabotse Aurélien (May 22)
- Message not available
- Re: newbi question Cabotse Aurélien (May 22)
- Re: newbi question Christian Kreibich (May 22)
- Re: newbi question Fabian Bieker (May 22)
- Re: newbi question Cabotse Aurélien (May 22)
- Re: newbi question Fabian Bieker (May 22)