Re: Problem install Sebek on Redhat 7

[Valdis.Kletnieks () vt edu]

On Thu, 02 Dec 2004 02:11:40 GMT, b7time () hotmail com said:
> Sorry if this is an obvious question but I'm trying to install Sebek client 2
.1.7 on a RedHat 7 honeypot. After I run the ./configure and then try to run ma
ke...I get the following message:
> cp: cannot stat '/usr/src/linux-2.4/net/packet/af_packet.c' : No such file or
 directory
> The only directory after /usr/src is redhat not linux-2.4 any suggestions?

Well, for starters, avoid RedHat 7 if you can avoid it.  That's *SO* ancient
that it's quite possibly useless as a honeypot - the exploits are all against
more recent stuff.. ;)

You'll want to find your RedHat 7 disks or a RedHat mirror that still has
that Redhat 7 (and double check if you're at 7.0, 7.1, or 7.2 - it *does* matter).
You need to find the 'kernel-source-2.4.<something>.rpm' and install that.

Although one person suggested a kernel.org kernel, do *NOT* try that unless
you are experienced building Linux kernels already - the RedHat kernel of that
time frame was a modified -ac series kernel, so you stand a chance of hitting
something in userspace that wants a redhat-specific patch that isn't in the
kernel.org kernel.  Also, the kernel-sources RPM includes the various .config
files used to build the kernel - trying to roll your own can be "interesting".

Attachment: _bin
Description: