Honeypots mailing list archives
Problems with networks (honeyd 0.8b)
From: Peer Heinlein <p.heinlein () jpberlin de>
Date: Fri, 4 Jun 2004 11:43:34 +0200
We`re trying to setup a very small network topology, but it`s not working.
I don`t know why honeyd doesn`t work...
mary:~ # ifconfig
eth0 Link encap:Ethernet HWaddr 00:08:A1:4D:AA:7C
inet addr:192.168.100.41 Bcast:192.168.100.255
Mask:255.255.255.0
inet6 addr: fe80::208:a1ff:fe4d:aa7c/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:20121 errors:0 dropped:0 overruns:0 frame:0
TX packets:19171 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:18610347 (17.7 Mb) TX bytes:1494266 (1.4 Mb)
Interrupt:9 Base address:0x1c00
mary:~ # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0
eth0
0.0.0.0 192.168.100.1 0.0.0.0 UG 0 0 0
eth0
mary:/etc/honeyd # less honeyd-new-test.conf
route entry 192.168.100.202 network 192.168.0.0/16
route 192.168.100.202 link 192.168.1.0/24
bind 192.168.1.51 linux
bind 192.168.1.52 linux
bind 192.168.1.53 windows
### Windows NT4 web server
create windows
set windows personality "Microsoft Windows XP Professional SP1"
add windows tcp port 80 "perl scripts/iis-0.95/iisemul8.pl"
add windows tcp port 139 open
add windows tcp port 137 open
add windows udp port 137 open
add windows udp port 135 open
set windows default tcp action reset
set windows default udp action reset
set windows uptime 1336262
set windows ethernet "00:20:ED:78:C5:A1"
### Cisco Router
create router
set router personality "Cisco IOS 11.3 - 12.0(11)"
set router default tcp action reset
set router default udp action reset
add router tcp port 23 "/usr/bin/perl scripts/router-telnet.pl"
set router uid 32767 gid 32767
set router uptime 1327650
set router ethernet "00:20:ED:78:C5:A2"
### Linux web server
create linux
set linux personality "Linux Kernel 2.4.20"
add linux tcp port 80 "bash scripts/web.sh"
add linux tcp port 21 "bash scripts/ftp.sh"
add linux tcp port 25 "bash scripts/smtp.sh"
set linux default tcp action reset
set linux default udp action reset
set linux uptime 5223212
set linux ethernet "00:20:ED:78:C5:A3"
ary:/etc/honeyd # honeyd -d -f /etc/honeyd/honeyd-new-test.conf
Honeyd V0.8b Copyright (c) 2002-2004 Niels Provos
honeyd[2399]: started with -d -f /etc/honeyd/honeyd-new-test.conf
Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0"
Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT
4.0 SP3"
honeyd[2399]: listening promiscuously on eth0: (arp or ip proto 47 or
(ip )) and not ether src 00:08:a1:4d:aa:7c
/etc/honeyd/honeyd-new-test.conf:39: Template "linux" is configured with
ethernet address but there is no interface that can reach 192.168.1.51
/etc/honeyd/honeyd-new-test.conf:40: Template "linux" is configured with
ethernet address but there is no interface that can reach 192.168.1.52
/etc/honeyd/honeyd-new-test.conf:41: Template "windows" is configured with
ethernet address but there is no interface that can reach 192.168.1.53
honeyd: parsing configuration file failed
mary:/etc/honeyd #
I really don`t know why honeyd`s complaining... As I understood the config
of honeyd, there should be 192.168.100.202 es the entry into the network
192.168.1.16 where the three hosts are set up. And 192.168.100.202 is
reachable locatet in my "real" lan, which is 192.168.100.0/24.
Can anybody help me please?
Thanks!
Peer
Current thread:
- Problems with networks (honeyd 0.8b) Peer Heinlein (Jun 04)
- Re: Problems with networks (honeyd 0.8b) Niels Provos (Jun 04)