Honeypots mailing list archives

Re: Honeywall CDROM version 0.68 released!!

From: Rob McMillen <rob () honeynet org>
Date: Thu, 26 Aug 2004 00:05:05 -0500 (EST)

I would have to direct your question about sebek to Ed. He happens to bethe sebek keeper.


What other errors are you getting?

Rob

On Wed, 25 Aug 2004, Sean Hoffmann wrote:

Date: Wed, 25 Aug 2004 14:34:23 -0400
From: Sean Hoffmann <sean () loworbit cc>
To: Rob McMillen <rob () honeynet org>
Cc: honeypots () securityfocus com
Subject: Re: Honeywall CDROM version 0.68 released!!

I just loaded up the new Honeywall CDROM and I'm getting an error from Sebek

Unexpected Sebek PDU version: 1

I downloaded and re-installed the Win32 2.1.5 client fromhttp://www.honeynet.org/tools/sebek/ but I'm still getting the error. When Iboot off the old CD 0.67b it works fine. But I get other errors from theHoneywall so I don't want to run it that way. Any help would be appreciated.


Thanks,
Sean

Rob McMillen wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The Honeynet Project is proud to release an update to the Honeywall CDROM
(version 0.68).  You can find it at:

http://www.honeynet.org/tools/cdrom/download.html

This update contains a data upload mechanism to allow transporting data to
a central data repository.  This mechanism should allow you to quickly
correlate and analyze data on multiple honeypots residing on different
networks which could lead to trend identification.  Take a look at the
Honeywall Upload menu item within the Honeywall Configuration menu.

We also included the beginnings of an analysis functionality by allowing
the Honeywall to send a daily summary of Honeywall/Honeypot traffic.  I
emphasis the beginnings of an analysis functionality, because this is just
the beginning.  We hope to have a much better analytical effort on the
Honeywall soon.  Baby steps ;)

The update also includes a few security fixes:
- an updated kernel (2.4.27)
- updated snort and snort rules
- propoliced binaries.  This attempts to stop buffer overflows:
* libpcap
* snort
* snort_inline
* openssh
* zlib
* openssl
* iptables
- minor bug fixes

We are currently working on the next generation cdrom which will have this
and more!  We also hope to have things such as international keyboard and
scsi support.

Please feel free to send me any comments, feedback or complains you may
have regarding the cdrom.  If you find a bug, please report it on
https://bugs.honeynet.org/

Enjoy,

Rob McMillen
rob () honeynet org


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)

iD8DBQFBK+SEulH/ZGBJPj4RAuaqAJ975PWuL2xIT7agnFgDFmxGSa/ifACgkmIB
fVVv8r+wKkvZZd+r1leYYuY=
=5KJ0
-----END PGP SIGNATURE-----

Current thread:

Honeywall CDROM version 0.68 released!! Rob McMillen (Aug 24)
- Re: Honeywall CDROM version 0.68 released!! Sean Hoffmann (Aug 26)
  - Re: Honeywall CDROM version 0.68 released!! Rob McMillen (Aug 26)
  - Re: Honeywall CDROM version 0.68 released!! if0ff () softhome net (Aug 27)
    - Re: Honeywall CDROM version 0.68 released!! Rob McMillen (Aug 27)
- <Possible follow-ups>
- RE: Honeywall CDROM version 0.68 released!! Fallon, Benjamin (Sep 01)
  - Re: Honeywall CDROM version 0.68 released!! Lance Spitzner (Sep 01)