Honeypots mailing list archives
Re: Sebek install issue for v. linux 2.1.7
From: Ty Bodell <tebodell () gmail com>
Date: Wed, 9 Feb 2005 16:46:44 -0600
Jason-- Did you use the kernel sources RPM or compile one from kernel.org. See here: http://seclists.org/lists/honeypots/2004/Jul-Sep/0018.html Maximillian Dornseif says that the stock redhat af_packet.c in the kernel source from RedHat (if you installed the RPMs then you got that one) is different or non-standard. So I'd quick compile the latest stable sources from http://www.kernel.org and then give it a shot. If that doesn't work send me (or the list) your af_packet.c and the rejected file and i'll go over it. By the way as for the /usr/src/linux-2.4 dir, i think redhat creates a symlink to /usr/src/linux, if not just create a symlink from your kernel source dir /usr/src/linux-2.6** to /usr/src/linux Cheers, Ty On Wed, 9 Feb 2005 15:37:18 -0500, Jason Schoenbrun <athlon () umd edu> wrote:
I installed the files as you said, and I got past that point. However, when typing 'make', I am told 2 of 7 hunks failed (at 185 and 1959) and a file af_packet.c.rej is created saying: *************** *** 182,188 **** unsigned int pg_vec_order; unsigned int pg_vec_pages; unsigned int pg_vec_len; - struct tpacket_hdr **iovec; unsigned int frame_size; unsigned int iovmax; --- 185,191 ---- unsigned int pg_vec_order; unsigned int pg_vec_pages; unsigned int pg_vec_len; + struct tpacket_hdr **iovec; unsigned int frame_size; unsigned int iovmax; *************** *** 1927,1932 **** return 0; } - module_init(packet_init); - module_exit(packet_exit); - MODULE_LICENSE("GPL"); --- 1959,1961 ---- return 0; } I should also mention that I don't have a /usr/src/linux-2.4 folder, rather a /usr/src/linux-2.6.5-1.358 and I editted the Makefile to reflect that. Thank you for any assistance, Jason ---- Original message ----Date: Tue, 8 Feb 2005 17:19:45 -0600 From: Ty Bodell <tebodell () gmail com> Subject: Re: Sebek install issue for v. linux 2.1.7 To: Jason <athlon () umd edu> Yep looks I think that'll do, if not try the stock rpm thenupdate it:ftp://rpmfind.net/linux/fedora/core/2/i386/os/Fedora/RPMS/kernel-source-2.6.5-1.358.i386.rpm Goodluck and let me know which way things go :-) --Tebodell On Tue, 8 Feb 2005 18:11:30 -0500, Jason <athlon () umd edu> wrote:I don't think I did, thanks for the tip. I'm going back tothe labtomorrow afternoon and I'll give it a shot. I found kernel-2.6.10-1.9_FC2 Source RPM, and I assumethat's what Ineed since I'm running FC2 on an x86 processor. I don'twant the i386,i586, i686 or x86_64 versions, right? Thanks, Jason -----Original Message----- From: Ty Bodell [mailto:tebodell () gmail com] Sent: Tuesday, February 08, 2005 5:33 PM To: athlon () umd edu Cc: honeypots () securityfocus com Subject: Re: Sebek install issue for v. linux 2.1.7 Did you install the kernel-sources RPM when you installedfedora? Ifnot go get the RPM at rpmfind.net or the tarball at kernel.org --Tebodell On Tue, 8 Feb 2005 16:17:24 -0500, Jason Schoenbrun<athlon () umd edu>wrote:I have Fedora Core 2 installed and am just getting started with Honeypots. I unzipped the software in a folder in my home directorywith:gunzip sebek-linux-2.1.7.tar.gz tar xf sebek-linux-2.1.7.tar Then I went into the folder that was made, typed ./configure, which seemed to be successful with everything found and without errors. Then, when I type 'make', I get: [jason@mmount-50 sebek-linux-2.1.7]$ make cp /usr/src/linux-2.4/net/packet/af_packet.c . cp: cannot stat `/usr/src/linux-2.4/net/packet/af_packet.c': No such file or directory make: *** [af_packet.c] Error 1 Thank you in advance for any help you can provide. Jason
Current thread:
- Sebek install issue for v. linux 2.1.7 Jason Schoenbrun (Feb 08)
- Re: Sebek install issue for v. linux 2.1.7 Ty Bodell (Feb 08)
- <Possible follow-ups>
- Re: Sebek install issue for v. linux 2.1.7 Ty Bodell (Feb 09)