Honeypots mailing list archives
RE: sebek2
From: "Jeff Dell" <jdell () activeworx com>
Date: Thu, 25 Sep 2003 14:51:16 -0400
Sebek client can not be on the same machine as sbk_extract. The Sebek client hides all sebek traffic that it sees before sbk_extract has a chance to see it. You will need two machines or 1 machine with vmware. Jeff Dell Florida Honeynet Project -----Original Message----- From: Rick S. [mailto:rsheppar () midnight ecet vtc edu] Sent: Wednesday, September 24, 2003 11:02 PM To: honeypots () securityfocus com Subject: sebek2 I'm testing sebek on one machine. Can the server be on the same machine that is capturing? I ask this because when I run 'sbk_extract -i eth0 -p 1101 | sbk_ks_log.pl' I don't get any output. Rick . gentoo kernel (2.4.20-r6)
Current thread:
- sebek2 Rick S. (Sep 25)
- RE: sebek2 Jeff Dell (Sep 25)
- more sebek Rick S. (Sep 26)
- Re: more sebek Edward Balas (Sep 26)
- more sebek Rick S. (Sep 26)
- RE: sebek2 Jeff Dell (Sep 25)