Monkey.org Developments
Honeyd Mailing List: Re: Error running Honeyd-WIN32

Honeyd Resources

Main - News - Forums 
Download Releases
General Information [Mirror]
Frequently Asked Questions
Sample Configurations
Tools - Service Scripts
Blog - New
Links, Press, etc.
Mailing List Archive
Acknowledgments


Honeyd Research

Immunization Against Worms
Understanding Spam
Performance

Honeypot Resources

Honeypot Background
Honeypot Concepts

Honeypot Books


Virtual Honeypots,
Niels Provos and Thorsten Holz

Happy Hacking

Reduce wishlists
Leave a tip with PayPal

Support Honeyd

Search:
Keywords:

Search Amazon

  		 

Re: Error running Honeyd-WIN32

From: Roger A. Grimes <roger_at_banneretcs.com>
Date: Sat, 28 Feb 2004 11:26:44 -0500



The Impossible SI range message is not a critical one and refers to an


invalid entry in the nmap.prints file.  The second one is one I've been


trying to troubleshoot lately along with Niels Provos and Michael Davis


(porter of Honeyd-Win32).  We haven't discovered the problem yet, but I'm


wondering if it has to do with one of the following:



1.  The new version of Winpcap


2.  Windows 2000 and above (as I don't get the message in my Win98 boxes),


using the same network cards.



What can be more befuddling on the latter message is that running the -W


parameter shows the NIC as discovered by Winpcap, and then Honeyd doesn't


find it.



Any help from the list would be appreciated and I'll send a free autograph


copy of my forthcoming book to the first correct replier (yeah, the


autograph makes it worth at least $0.01 more than without it).



Roger



****************************************************************************


****


*Roger A. Grimes, Computer Security Consultant


*CPA, MCSE:Security (NT/2000/2003/MVP), CNE (3/4), A+


*email: roger_at_banneretcs.com


*cell: 757-615-3355


*Author of Malicious Mobile Code:  Virus Protection for Windows by O'Reilly


*http://www.oreilly.com/catalog/malmobcode


*Author of upcoming Honeypots for Windows (Apress)


****************************************************************************


*****



----- Original Message ----- 


From: "FreeCC" <freecc_at_eyou.com>


To: <honeypots_at_securityfocus.com>


Sent: Saturday, February 28, 2004 12:36 AM


Subject: Error running Honeyd-WIN32



> I am using the Honeyd-WIN32 from


> http://www.securityprofiling.com.


> I got this error while running it.


> Started honeyd using "honeyd -d -f config.sample"


> But it didn't work.This is what it said:


> Impossible SI range in Class fingerprint "Windows NT 4 SP3"


> intf_get: No such device or address


>


> I followed the instructions at the WIN32_README.txt. Any ideas


> what happened?


> Thank you for your patience.


>


> FreeCC


>


>


>


>


>


> --http://www.eyou.com


> --稳定可靠的电子信箱  语音邮件  移动书签  日历服务  网络存储...亿邮未尽


>


> --http://vip.eyou.com


> --快快登录亿邮VIP信箱  注册您中意的用户名


>


>


Received on Sat Feb 28 2004 - 11:34:45 PST





















Search For Information











Google








 Search WWW  Search www.honeyd.org 



















NB: This is a filtered version of the Honeypots mailing list. Only posts that concern Honeyd are shown here. For more recent discussions visit the forums.

 











Last modified: June 13 2004 02:53:28 AM


Copyright (c) 1999-2004 by Niels Provos

Don't access my pirated music.