Honeypots mailing list archives
RE: GenII Honeynet with NAT
From: "Stejerean, Cosmin" <cstejere () cti depaul edu>
Date: Tue, 1 Mar 2005 17:12:21 -0600
It depends on where your attacker will be located. If you will use an attacker within your private network you will not have to worry about the NAT router. However if you plan to use a computer to attack from the outside you will need to enable port forwarding on the NAT router and forward specific ports to certain machines. That might work since in most cases the ports for Windows 2000 are different from the ports from Red Hat.

However the reason your IT administrator wants you to use a NAT firewall is likely because otherwise your honey pots will be exposed to attacks from the wild. While that is great if you want to study real attacks it can be a great risk if you do not configure things properly. I would recommend that you start testing internally and once you feel comfortable you can move to outside attacks if you can get permission from the IT department.

Regards,

Cosmin Stejerean
cstejere () cs depaul edu

________________________________

From: Martin Kristensen [mailto:martink () student hin no]
Sent: Tuesday, March 01, 2005 6:16 AM
To: honeypots () securityfocus com
Subject: GenII Honeynet with NAT

Hi everyone!

We are two students who are studying the Honeynet technology for a project we are doing. We have a question about the use of NAT. Our IT-administrator will provide the Internet access for us, but he will not give us a public IP. He wants to use a router which performs NAT to the Honeynet, so the NAT will be performed before the Honeywall gateway. Will this be a problem for us with using the bridging mode and rc.firewall script?

Use this link to see how our network looks: http://home.no/martinkr/design.jpg

Thanks for any help!

Regards

Martin Kristensen
martink () student hin no