Honeypots mailing list archives
"Connection to closed port" error
From: Sandy Turner <slt () lanl gov>
Date: Mon, 02 May 2005 16:54:14 -0700
When I use the subsystem command with openradius (Fedora Core 3) and send it an Authentication Request from another machine (NTRadPing), I'm getting the error below. I saw the same problem on Free Radius. Any thoughts?
honeyd[5682]: Connection to closed port: udp (45.128.14.161:1123 - 45.128.14.100:1812)
Here is my config.radius: # Set up the hosts create template set template personality "Linux 2.4.7 (X86)" set template default udp action open add template subsystem "/usr/local/sbin/radiusd -dall -b" shared bind 45.128.14.100 template Here is my honeypot log:[root@localhost honeyd-1.0a-rc2]# arpd 45.128.14.100 arpd[5680]: listening on eth0: arp and (dst 45.128.14.100) and not ether src 00:03:47:92:b2:1d [root@localhost honeyd-1.0a-rc2]# honeyd -d -u 0 -g 0 -f ./config.radius 45.128.14.100
Honeyd V1.0a Copyright (c) 2002-2004 Niels Provos honeyd[5682]: started with -d -u 0 -g 0 -f ./config.radius 45.128.14.100 Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0"Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3"honeyd[5682]: listening promiscuously on eth0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 45.128.14.100))) and not ether src 00:03:47:92:b2:1d
honeyd[5682]: Demoting process privileges to uid 0, gid 0 [misc] meta_newfromdict: Opening /usr/local/etc/openradius/dictionary [misc] conf_new: Opening /usr/local/etc/openradius/configuration [misc] conf_new: Opening /usr/local/etc/openradius/behaviour [recv] conf_start: Opening socket on 0.0.0.0, port 1812honeyd[5682]: Subsytem "/usr/local/sbin/radiusd -dall -b" binds 45.128.14.100:1812
[recv] conf_start: Opening socket on 0.0.0.0, port 1813honeyd[5682]: Subsytem "/usr/local/sbin/radiusd -dall -b" binds 45.128.14.100:1813 [proc] conf_start: Starting /usr/local/lib/openradius/radclient for Radiusclient[proc] conf_start: Starting /usr/local/lib/openradius/ascfile for Usersfile
[proc] conf_start: Starting /usr/local/lib/openradius/ascfile for Realmsfile [proc] conf_start: Starting /usr/local/lib/openradius/ascfile for Nasesfile [proc] conf_start: Starting /usr/local/lib/openradius/ascfile for Clientsfile [proc] conf_start: Starting /usr/local/lib/openradius/radlogger for Acctlogger [misc] main: Ready to answer requests.honeyd[5682]: Connection to closed port: udp (45.128.14.161:1123 - 45.128.14.100:1812)
Current thread:
- "Connection to closed port" error Sandy Turner (May 03)