Honeypots mailing list archives
Re: Help Needed: Having a problem with sebek server
From: Laurent OUDOT <oudot () rstack org>
Date: Sat, 22 Nov 2003 21:51:22 +0100
Pierre LALET a écrit:
Hello, Turner,Robbin J. wrote:I was trying to extract the data from a tcpdump stream and the sbk_extract is giving me a malformed sebek record error. The data is coming off a Debian honeypot into a RedHat box running tcpdump. Then I'm piping the tcpdump output into the sbk_extract and getting the following: [SNIP]The question might be stupid, but let's go : is the server's interface an ethernet device ? If no, I thing the server does not work (well I could not manage to make it work on a ppp device).
Do you know why from a technical point of view ? laurent, curious
Current thread:
- Help Needed: Having a problem with sebek server Turner,Robbin J. (Nov 18)
- Re: Help Needed: Having a problem with sebek server Edward Balas (Nov 18)
- Re: Help Needed: Having a problem with sebek server Turner,Robbin J. (Nov 19)
- Re: Help Needed: Having a problem with sebek server Edward Balas (Nov 19)
- Re: Help Needed: Having a problem with sebek server Turner,Robbin J. (Nov 19)
- Re: Help Needed: Having a problem with sebek server Pierre LALET (Nov 18)
- Re: Help Needed: Having a problem with sebek server Laurent OUDOT (Nov 22)
- Re: Help Needed: Having a problem with sebek server Pierre LALET (Nov 22)
- Re: Help Needed: Having a problem with sebek server Laurent OUDOT (Nov 22)
- Re: Help Needed: Having a problem with sebek server Edward Balas (Nov 18)