Honeypots mailing list archives

Re: Help Needed: Having a problem with sebek server

From: Pierre LALET <lalet () enseirb fr>
Date: Wed, 19 Nov 2003 02:59:28 +0100

Hello,

Turner,Robbin J. wrote:

I was trying to extract the data from a tcpdump stream and thesbk_extract is giving me a malformed sebek record error. The data iscoming off a Debian honeypot into a RedHat box running tcpdump. ThenI'm piping the tcpdump output into the sbk_extract and getting thefollowing:
[SNIP]

The question might be stupid, but let's go : is the server's interfacean ethernet device ? If no, I thing the server does not work (well Icould not manage to make it work on a ppp device).


pierre



--
Pierre LALET -- Droids Corporation
lalet () enseirb fr -- http://www.enseirb.fr/~lalet
Clé publique PGP : http://www.enseirb.fr/~lalet/pierre_lalet.asc
Empreinte de la clé : B6B8 0F89 2220 DF8B 0F3B  C0C0 773E 15E6 A878 FC7E

Attachment: _bin
Description:

Current thread:

Help Needed: Having a problem with sebek server Turner,Robbin J. (Nov 18)
- Re: Help Needed: Having a problem with sebek server Edward Balas (Nov 18)
  - Re: Help Needed: Having a problem with sebek server Turner,Robbin J. (Nov 19)
    - Re: Help Needed: Having a problem with sebek server Edward Balas (Nov 19)
- Re: Help Needed: Having a problem with sebek server Pierre LALET (Nov 18)
  - Re: Help Needed: Having a problem with sebek server Laurent OUDOT (Nov 22)
    - Re: Help Needed: Having a problem with sebek server Pierre LALET (Nov 22)