Honeypots mailing list archives

Previous By Date Next
Previous By Thread Next

Re: honeyd compile error 1.0 and 0.8b

From: Ivan Rivera <esteban_uria () yahoo com>
Date: Sun, 10 Apr 2005 13:35:03 -0700 (PDT)

I change the
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:.:/usr/local/include:/usr/local/lib
and then I compile the software and finally it
works... thanks for you help

Ivan

--- gangadhar npk <phani () myrealbox com> wrote:

Hello Ivan,
The missing symbol means that the required API that
honeyd is looking for is not present in the libdnet
library. 
You can use the nm command on Linux to see if the
symbol is indeed present in the libdnet library.
Also, as Nelis said in a similar thread
http://www.honeyd.org/archive.php/04/06/0127.html
it would help if you can provide with the
config.log.
If you look at the config.log of the thread, the
configure fails because of missing libdevent

<snip>
configure:5833: checking for working addr_cmp in
libdnet
configure:5862: gcc -o conftest -I/usr/local/include
  conftest.c -L/usr/local/lib -ldnet >&5
configure:5865: $? = 0
configure:5867: ./conftest
./conftest: error while loading shared libraries:
libdnet.so.0: cannot open shared object file: No
such file or directory
configure:5870: $? = 127
configure: program exited with status 127
</snip>
See if you get a similar message in your config.log
too.
If that is the case, check if the LD_LIBRARY_PATH
environment variable does have the path to where the
libdevent is installed.

hth
Gangadhar
-----Original Message-----
From: Ivan Rivera <esteban_uria () yahoo com>
To: honeypots () securityfocus com
Date: Fri, 8 Apr 2005 22:29:07 -0700 (PDT)
Subject: honeyd compile error 1.0 and 0.8b


Hi
I try to compile different version of honeyd (1.0
and
0.8b). I compile and install the following software

libdnet 1.10 (OK)
libevent 1.0c (OK)
libpcap 0.8.3 (OK)

I run ldconfig in the directory of libdnet and when
I
try to compile honeyd i get the following error
message.

checking for working addr_cmp in libdnet...
configure:
error: you need to install a more recent version of
libdnet

I specify the --with-libdnet=/usr/local but i get
the
same error message.

I check documentation but all the documentation do
not
say anything about this error, I think is a commond
error message, and i apply all the steps that i
found
in the internet to fix this problem but I do not get
the right compile

Why I need to install another version more recent
that
i have in my computer? I use 1.10 

Do you have any idea?

Thanks for you help

Ivan


--- James Oliver <686f6e6579 () gmail com> wrote:

Hi,

I'm running honeyd (1.0) with a host based on the
"Linux 2.4.20"
personality. A firewall (iptables 1.2.9) drops all
new outgoing
connections. When I try to ping this Linux host

from

outside the
firewall always drops the packet, stating this is

a

new connection.

I have analysed the ICMP Echo Replies honeyd sends
for the "Linux
2.4.20" personality and the Code field is set to

1,

even if the ICMP
Echo Request's Code field is 0.

In




http://www.networkmagazine.com/shared/printableArticle.jhtml?articleID=8702910

it is stated that Linux doesn't change the code
field, so I'm
wondering why this happens. I have analysed my own
ICMP Echo
Requests/Replies and looked at
/usr/src/linux/net/ipv4/icmp.c to have
a look at the Linux ICMP code. This code is the

same

as the one in the
Linux 2.4.20 sources, so the behaviour should be

the

same AFAIK.

Therefore I have now modified my
/usr/share/honeyd/xprobe2.conf in line 237 to

icmp_echo_code = 0

instead of

icmp_echo_code = !0

After this change the firewall accepts the ICMP

Echo

Replies of
honeyd's Linux 2.4.20 personality. Nevertheless it
now always changes
the ICMP Echo Replie Code always to 0 which is not
Linux behaviour.

Is the behavior in the original xprobe2.conf
intended? Is there a
mistake on my side?

Thanks for your suggestions,
James



IvAn =^)
esteban_uria () yahoo com






IvAn =^)
esteban_uria () yahoo com
Previous By Date Next
Previous By Thread Next

Current thread: