Hi,
I used the following Honeyd configure file(Config1.conf) and tried to ping
10.0.0.100 from a Windows machine. The ping command returns "Request timed
out". It is okay to ping other IPs such as 10.0.1.1. Since I started
Honeyd without daemonizing it, then I went back to the Honeyd screen and saw
the "No reverse routing map for 10.0.0.100". If I try "tracert 10.1.0.1",
then it can return the right topology. The funny thing about this is when I
changed to "Config2.conf" following Niels's paper"Honeyd: A Virtual Honeypot
Daemon", then both ping and tracert will not work. ping command did not
work for any IPs. I attached Honeyd's onscreen message to Config2.conf. It
seems ICMP reply messages are normal. Can any one of you give me a clue?
1 * * * Request timed out.
2 20 ms 60 ms 10 ms 10.0.1.1
3 30 ms 80 ms 80 ms 10.1.0.1
Config1.conf:
route entry 10.0.0.100
route 10.0.0.100 link 10.0.1.0/24
route 10.0.0.100 add net 10.1.0.0/24 10.0.1.1
route 10.0.1.1 link 10.1.0.0/24
Config2.conf:
route entry 10.0.0.100
route 10.0.0.100 link 10.0.0.0/24
route 10.0.0.100 add net 10.1.0.0/16 10.1.0.1
route 10.0.0.100 add net 10.2.0.0/16 10.2.0.1
route 10.1.0.1 link 10.1.0.0/24
route 10.2.0.1 link 10.2.0.0/24
honeyd[1815]: Sending ICMP Echo Reply: 10.0.0.100 -> 10.0.0.42
honeyd[1815]: Sending ICMP Echo Reply: 10.0.0.100 -> 10.0.0.42
honeyd[1815]: Sending ICMP Echo Reply: 10.0.0.100 -> 10.0.0.42
honeyd[1815]: Sending ICMP Echo Reply: 10.0.0.100 -> 10.0.0.42
honeyd[1815]: Connection to closed port: udp (10.0.0.42:137 - 10.1.0.1:137)
honeyd[1815]: Connection to closed port: udp (10.0.0.42:137 - 10.1.0.1:137)
honeyd[1815]: Connection to closed port: udp (10.0.0.42:137 - 10.1.0.1:137)
honeyd[1815]: TTL exceeded for dst 10.1.0.1 at gw 10.0.0.100
honeyd[1815]: TTL exceeded for dst 10.1.0.1 at gw 10.0.0.100
honeyd[1815]: TTL exceeded for dst 10.1.0.1 at gw 10.0.0.100
honeyd[1815]: Sending ICMP Echo Reply: 10.1.0.1 -> 10.0.0.42
honeyd[1815]: Sending ICMP Echo Reply: 10.1.0.1 -> 10.0.0.42
Thanks a lot.
-CF
Received on Mon Apr 05 2004 - 11:23:12 PDT
