Honeypots mailing list archives
Re: Problem pinging virtual hosts
From: Niels Provos <provos () citi umich edu>
Date: Sat, 1 May 2004 14:07:28 -0400
On Fri, Apr 30, 2004 at 08:11:36PM +0200, Odilo Hildebrandt wrote:
I have a problem with my virtual hosts created with honeyd. All the Ping requests time out. I also tryed to start arpd, but it doesnt work. Arpd creates an Error, that it cannot find /dev/arpd, but it is there.
First of all, you are using virtual routing topologies, so you do not need arpd. Instead, you need to pint the route for 10.0.1.0/24 to the machine that runs Honeyd. The 10.0.2/24 network might not be reachable, because you tell Honeyd that it is responsible only for 10.0.0/24. Niels.
Here is the honeyd.conf file: route entry 10.0.0.100 network 10.0.0.0/24 route 10.0.0.100 link 10.0.1.0/24 route 10.0.0.100 add net 10.0.2.0/24 10.0.1.100 latency 50ms loss 0.1 route 10.0.1.100 link 10.0.2.0/24 create iis_windows set iis_windows personality "Microsoft Windows 2000 SP1" add iis_windows tcp port 80 "/usr/share/honeyd/scripts/win32/win2k/iis.sh" add iis_windows tcp port 139 open add iis_windows tcp port 137 open add iis_windows udp port 137 open add iis_windows udp port 135 open set iis_windows default tcp action reset set iis_windows default udp action reset create windows_xp set windows_xp personality "Microsoft Windows XP SP1" add windows_xp tcp port 21 "/usr/share/honeyd/scripts/win32/win2k/msftp.sh" add windows_xp tcp port 139 open add windows_xp tcp port 137 open add windows_xp udp port 137 open add windows_xp udp port 135 open set windows_xp default tcp action reset set windows_xp default udp action reset create linux2.4 set linux2.4 personality "Linux 2.4.7 (X86)" add linux2.4 tcp port 21 "/usr/share/honeyd/scripts/unix/linux/ftp.sh" set linux2.4 default tcp action reset set linux2.4 default udp action reset create suse set suse personality "Linux kernel 2.2.13 (SuSE; X86)" add suse tcp port 79 "/usr/share/honeyd/scripts/unix/linux/suse7.0/fingerd.sh" add suse tcp port 23 "/usr/share/honeyd/scripts/unix/linux/suse7.0/telnetd.sh" add suse tcp port 22 "/usr/share/honeyd/scripts/unix/linux/suse7.0/ssh.sh" set suse default tcp action reset set suse default udp action reset bind 10.0.1.1 iis_windows bind 10.0.1.2 windows_xp bind 10.0.1.3 windows_xp bind 10.0.1.4 windows_xp bind 10.0.2.1 linux2.4 bind 10.0.2.2 suse create router set router personality "Cisco IOS 12.0(5)WC3 - 12.0(16a)" add router tcp port 23 "perl /usr/share/honeyd/scripts/router-telnet.pl" set router default tcp action reset set router default udp action reset set router uid 32767 gid 32767 set router uptime 1327650 bind 10.0.0.100 router bind 10.0.1.100 router I start honeyd with that syntax: honeyd -d -l /home/admin/honeyd.log -i eth1 -p /etc/honeypot/nmap.prints -x /etc/honeypot/xprobe2.conf -a /etc/honeypot/nmap.assoc -0 /etc/honeypot/pf.os -f /etc/honeypot/honeyd.conf 10.0.0.0-10.0.2.3 Hope you can help me a little :-) O.Hildebrandt
Current thread:
- Problem pinging virtual hosts Odilo Hildebrandt (May 01)
- Re: Problem pinging virtual hosts Niels Provos (May 01)