honeyd and udp

From: Kuntzelman Brad MSgt AFIT/ENG <>
Date: Tue, 9 Dec 2003 16:05:26 -0500

Hi all,

My first post here...

I'm having difficulty getting "stuff" from honeyd using a shell script as a udp service.

Basically, I want to get a udp echo service working first so I can build upon that.

Here's what I'm working with (a modified version of

DATE=`date "+%F %R:%S"`
echo "$DATE $0 $1 $2 $3 $4 started" >> $LOG
while read data
        DATE=`date "+%F %R:%S"`
        echo "$DATE $0 $1 $2 $3 $4 RX $data" >> $LOG
        echo "$data"
        DATE=`date "+%F %R:%S"`
        echo "$DATE $0 $1 $2 $3 $4 TX $data" >> $LOG

When I use this and connect to it via a java-based udp echo client, it blocks on the read. If I change the read command to "read -n 1 data" I can get the initial character I sent; I would think that on subsequent loops, I'd receive the subsequent character, but the receive buffer appears to be cleared and I get the first character from the next transmission. Also, anything other than one character causes it to block on read.

I know udp is significantly different than tcp, but I can't figure out why I'm blocking on the initial input, even when I'm sending the newline as part of my message (which is only text).

Does honeyd do something different with udp packets on receive or can shell scripts not deal with them properly?

Thanks for any help,

Brad K.
brad -dot- kuntzelman {at} afit -dot- edu

Received on Tue Dec 09 2003 - 22:47:37 PST
