Honeypots mailing list archives
Re: Honeyd-0.8 wrong respond
From: Niels Provos <provos () citi umich edu>
Date: Tue, 9 Mar 2004 12:55:59 -0500
On Tue, Mar 09, 2004 at 06:25:35PM +0800, wan fat wu wrote:
I am now using mhoneyd-0.8. I have started arpd and honeyd together in computer A in local network. However, when I use nmap to scan the computer A, it can response the services that I have started but IT CANNOT DETECT THE OS!! What I mean can't detect the OS is it replys the fingerprints. I have tested many combination but it still gives me the fingerpring.
The following diff solves the problem. A new release of Honeyd is coming soon. Need to find some more time and polish some of the new features. Niels. Index: honeyd.c =================================================================== RCS file: /cvs/honeyd/honeyd.c,v retrieving revision 1.187 retrieving revision 1.188 diff -u -r1.187 -r1.188 --- honeyd.c 6 Feb 2004 12:38:10 -0000 1.187 +++ honeyd.c 8 Feb 2004 11:17:07 -0000 1.188 @@ -1601,9 +1605,8 @@ */ if (tiflags & (TH_RST|TH_ACK)) goto kill; + tiflags &= ~TH_FIN; } - - tiflags &= ~TH_FIN; /* Just drop the packet */ if (flags & TH_RST)
Current thread:
- Honeyd-0.8 wrong respond wan fat wu (Mar 09)
- Re: Honeyd-0.8 wrong respond Niels Provos (Mar 09)