Re: Honeyd for win32

[Pat Garlick <patlg1 () netzero net>]

In-Reply-To: <20030401185454.8331.qmail () www securityfocus com>

Hello Michael:

I am responding to the email message you gave me earlier this week. Sorry 
it took me a while to get back to you, I'm a Grad Student.
I uninstalled and deleted the unzipped honeyd files that was in my Common
Directory on the Win2000 box.  I then unzipped and installed again the
honeyd-0.5-win32.zip program that I downloaded from your site.  I did not 
go into any of the files to make adjustments.

I executed honeyd.exe from the Run Command.  The message again appeared:
"Impossible SI Range in Class Fingerprint "Windows NT 4 SP3".  The screen
stalls with a flashing cursor that does not respond to anything else.

I then ran cmd.exe from the Run Command to cd to CommonDirectory\honeyd-0.5
where honeyd.exe is stored. Typed honeyd.exe at the prompt and again the
message: Impossible SI Range in Class Fingerprint "Windows NT 4 SP3". Again
the screen stalls with a flashing cursor that does not respond to anything
else.

There is another message I got when I typed C:\commondirectory>honeyd.exe
 'honeyd.exe' is not recognized as an internal or external command operable
program or batch file.

All of the honeyd files are in the CommonDirectory\honeyd-0.5\honeyd.exe
that I created for it directly on the C:\
What else should I do to get it to run?

Michael, thanks for your help......

Pat L. Garlick

Subject: Re: Honeyd for win32


Michael:
> Per your answer to my help with honeyd on Win2000 box.  Another user 
> suggested that I:... In the nmap.prints file try removing the entry 
> for "Windows NT 4 SP3".  I've run into this problem on some other 
versions 
> of honeyd.
>
> I did this and when I run Honeyd.exe a screen flashes briefly and that is 
> it.  Is this all there is to the install of honeyd on Windows 2000?  I 
did 
> read the honeyd.html page and understand there are switches that can be 
> used to configure different things.  Where I configure it....i'm sorry, i 
> do not know??  This is all new to me.
>
> Additionally,  I would like to know: once honeyd is actually running on 
> the Windows 2000 box........will it indicate a process is running in any 
> of the system files........or modules?  If so, what will it be named?  
> this would be an indication to me as well that honeyd is actually 
> installed and running on this box.
>
> thanks for your help. i need to get this up and running sooooooooooooon,
> pat
>
>
>
> >