Re: basic honeynet question

[Hugo Francisco González Robledo <hugo.gonzalez () itslp edu mx>]

Ok, you need a bridge between eth0 and eth1.
And need configure the cards to have something like this :

                ___________________
honeynet <-->  | (eth1)---- (eth0) | <--> Internet
               |      eth2         |
               ---------------------
                       Admin

it's like firewall for the honeynet.

The bridge acts to examine and pass packets from honeynet to Internet.

Regards,



On Thu, Apr 06, 2006 at 10:50:06AM -0000, mr () simla colostate edu wrote:
> im using the roo installation from www.honeynet.org and am having trouble understanding how the NIC cards are 
> supposed to be set up.  they say 
>
> * eth0 is the "Internet" or outside Interface
> * eth1 is the LAN interface (Honeypot side)
> * eth2 is the Management interface
> * br0 is the virtual bridge interface (eth0 + eth1)
>
> but i dont completly understand what that means.  is eth0 where the incoming connection comes, then eth1 is where the 
> outbound packets are sent? also, do i need to set up a gateway before the honeypot? or can i user a router? im just 
> really confused about how the physical networking is supposed to be done.  could someone give me some help?  thanks 
> in advance

-- 
Hugo Francisco González Robledo
Instituto Tecnológico de San Luis Potosí

Llave pública en http://ardilla.zapto.org

Excelente año 2006!

-------------------------------------------
Educación es lo que queda después de olvidar
lo que se ha aprendido en la escuela.
                Albert Einstein
-------------------------------------------