Honeypots mailing list archives
Re: basic honeynet question
From: "Earl Sammons" <esammons () hush com>
Date: Sat, 08 Apr 2006 17:50:49 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I _think_ there is a caveat to our current iptalbes config that limits the hoenypot network to one directly connected to the Honeypot facing interface, eth1 in your case. If I'm not dropping packets again, and this is true, then you'll have to remove the router and use a switch/hub to connect the hpots to eth1. Earl On Fri, 07 Apr 2006 21:02:38 -0400 mat <mr () simla colostate edu> wrote:
so i have my honeynet set up like this... internet--|eth0 honeywall eth1|--router--honeypot the router obtains an IP address correctly, but i cannot access the internet with the honeypot box. i have disabled snort-inline so the packets should be sent. anyone have any ideas? mr () simla colostate edu wrote:im using the roo installation from www.honeynet.org and amhaving trouble understanding how the NIC cards are supposed to be set up. they say* eth0 is the "Internet" or outside Interface * eth1 is the LAN interface (Honeypot side) * eth2 is the Management interface * br0 is the virtual bridge interface (eth0 + eth1) but i dont completly understand what that means. is eth0 wherethe incoming connection comes, then eth1 is where the outbound packets are sent? also, do i need to set up a gateway before the honeypot? or can i user a router? im just really confused about how the physical networking is supposed to be done. could someone give me some help? thanks in advance
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wkYEARECAAYFAkQ4H/YACgkQk7+e+4lPSm27XACfXxviWh8r7IjP6G9hB6Hky9VFjm4A n0fN2XzZnzw5fLYibZzmXp5eVMdd =+S1Y -----END PGP SIGNATURE-----
Current thread:
- basic honeynet question mr (Apr 06)
- Re: basic honeynet question Hugo Francisco González Robledo (Apr 06)
- Re: basic honeynet question mat (Apr 06)
- Re: basic honeynet question mat (Apr 07)
- Re: basic honeynet question Hugo Francisco González Robledo (Apr 08)
- <Possible follow-ups>
- Re: basic honeynet question Earl Sammons (Apr 08)
- Re: basic honeynet question Hugo Francisco González Robledo (Apr 06)