Hello!
I want to run honeyd on a host which is only allowed to have ONE ip address.
SO what i am trying to do now is to set up honeyd to listen to that one ip address and some ports like telnet or IIS.
Is this even possible?
Here is what i did:
# arpd <IP>
# honeyd -f honeyd.conf <IP>
My honeyd.conf file:
-------------------------
### Windows computers (default)
create default
set default personality "Windows NT 4.0 Server SP5-SP6"
set default default tcp action reset
add default tcp port 1110 "sh pop3.sh"
add default tcp port 125 block
add default tcp port 121 "sh ftp.sh"
#add default udp port 139 drop
set default uptime 3284460
### Cisco router
create router
set router personality "Cisco 4500-M running IOS 11.3(6) IP Plus"
add router tcp port 23 "/usr/bin/perl router-telnet.pl"
set router default tcp action reset
set router uid 32767 gid 32767
set router uptime 1327650
# Bind specific templates to specific IP address
# If not bound, default to Windows template
bind <IP> router
Cheers, Mario
_____________________________________________________________
Linux.Net -->Open Source to everyone
Powered by Linare Corporation
http://www.linare.com/
Received on Tue Dec 16 2003 - 12:16:14 PST
