I downloaded honeyd and installed IT fine on a slackware 8.1 box. I have a
few external ip's I would like to use for the project. Anyone have a complex
config or simple config to show methods from small to large networks, using
1 ip to many ip's working as is please email a copy to me_at_knight420.com
Thanks for any help provided!
-Knight420
www.knight420.com
-----Original Message-----
From: Devilscrow Sr [mailto:devilscrow_at_gawab.com]
Sent: Tuesday, December 16, 2003 1:19 PM
To: mario.ohnewald_at_linux.net
Cc: honeypots_at_securityfocus.com
Subject: Re: honeyd - single ip address
Just in case you have supplied an actual copy of your config....
Guess you have got your pop server port mixed up...... != 1110
think it should be == 110
secondly i agree with hugo. You will have to use -p nmap.prints and | or
-x xprobe2.prints with the configs he mentioned....
-dev
Mario Ohnewald wrote:
>My honeyd.conf file:
>-------------------------
>### Windows computers (default)
>create default
>set default personality "Windows NT 4.0 Server SP5-SP6"
>set default default tcp action reset
>add default tcp port 1110 "sh pop3.sh"
>add default tcp port 125 block
>add default tcp port 121 "sh ftp.sh"
>#add default udp port 139 drop
>set default uptime 3284460
>### Cisco router
>create router
>set router personality "Cisco 4500-M running IOS 11.3(6) IP Plus"
>add router tcp port 23 "/usr/bin/perl router-telnet.pl"
>set router default tcp action reset
>set router uid 32767 gid 32767
>set router uptime 1327650
># Bind specific templates to specific IP address
># If not bound, default to Windows template
>bind <IP> router
>
>
>Cheers, Mario
>
>_____________________________________________________________
>Linux.Net -->Open Source to everyone
>Powered by Linare Corporation
>http://www.linare.com/
>
>
>
>
Received on Tue Dec 16 2003 - 14:56:17 PST
