Honeypots mailing list archives
Re: Setting up honeyd on winxp sp2
From: Jan Reister <jan.reister () unimi it>
Date: Wed, 27 Apr 2005 18:05:08 +0200
On 25/04/2005 20:33, Edmund Dorsey wrote: > The problem I am having is not so much in configuring > honeyd itself but is in getting traffic to my honeyd machine. I know > honeyd requires it's own virtual address space but I'm not sure how to > set that up in windows or if I even need to. Hi Ed, perhaps this is because you need WinPCAP to run honeyd on Windows? http://www.securityprofiling.com/honeyd/WIN32_README.txtWinPCAP needs raw sockets to capture packets that are sent to your honeyd, but Microsoft has removed raw socketw with both Win XP Service Pack 2 and the MS05-019 critical security patch.
There's a discussion about this issue on the SANS Internet Storm Center: http://isc.sans.org/diary.php?date=2005-04-24 If you have SP2 or MS05-019, this may be the problem. Jan
Current thread:
- Setting up honeyd on winxp sp2 Edmund Dorsey (Apr 27)
- Re: Setting up honeyd on winxp sp2 Jan Reister (Apr 27)
- <Possible follow-ups>
- RE: Setting up honeyd on winxp sp2 Roger A. Grimes (Apr 27)
- RE: Setting up honeyd on winxp sp2 Michael A. Davis (Apr 27)
- Re: Setting up honeyd on winxp sp2 Niels Provos (Apr 27)
- RE: Setting up honeyd on winxp sp2 Gentile, Rob (Apr 27)
- RE: Setting up honeyd on winxp sp2 Roger A. Grimes (Apr 27)