Honeypots mailing list archives
Re: virtual honeynet with vmware
From: Guillaume Rix <guillaume.rix () sun com>
Date: Thu, 02 Oct 2003 00:32:02 +0200
Hi Patrick,

Thanks for your answer. I am not sure I understand very well. Could you please be more precise in explaining this: what do you mean by "real" address? In this case, it's a bridge mode of VMware, not a Host-Only Network, as recommended in Know Your Enemy: Learn with VMware.

I should point out that I am not the server admin for the 129.157.178.0 network. And if I bridge the network 192.168.172.0 with the network 129.157.178.0,

To summarize my situation:
I am on the network 129.157.178.0 with one fixed IP 129.157.178.165 on eth0 with RedHat9.
I can't change anything on the network 129.157.178.0.
I installed three GuestOS with VMware in a Host-Only Networking 192.168.172.0 on vmnet1.

What are the routes that I must add, and where?
How can I use my fixed IP address 129.157.178.165 to continue with my everyday traffic?

Cheers,
Guillaume

Patrick McCarty wrote:
Hello,

BRIDGE mode is not going to work properly when your guest OS' have RFC1918 addresses. If snort-inline bridges those from vmnet1 to eth0, they aren't going to route anywhere. You'll have to assign them "real" addresses, in your 129.157.178.x network, if in fact you wish to have them transparently bridged.

Additionally, currently your firewall script is blocking your 129.157.178.x address on eth0, because it doesn't have knowledge of that. (At least, that's how it appears from your excerpt below.)

--
Patrick

On Wed, Oct 01, 2003 at 08:58:49AM +0200, Guillaume Rix wrote:

Hi gang,

I tried to implement a virtual honeynet GEN2 with VMware. Here is my limited architecture:

HostOS (access with internet):
----------------------------------------
RedHat9

One physical interface eth0
eth0 Lien encap:Ethernet HWaddr 00:x6:xB:6x:x6:Dx
inet adr:129.157.178.xxx Bcast:129.157.178.255 Masque:255.255.255.0
gateway : 129.157.178.1

One logical interface vmnet1 (Host-Only Networking with VMware)
vmnet1 Lien encap:Ethernet HWaddr 00:5x:x6:Cx:0x:0x
inet adr:192.168.172.1 Bcast:192.168.172.255 Masque:255.255.255.0

GuestOS :
-------------
OpenBSD3-3 ( ip=192.168.172.2 gateway=192.168.172.1)
FreeBSD5-1r ( ip=192.168.172.3 gateway=192.168.172.1)
Win2000Pro ( ip=192.168.172.4 gateway=192.168.172.1)

Is this configuration correct (gateway, ip, etc ...)?

Here, before using rc.firewall for the bridge mode, my GuestOS can't contact the network 129.157.178.0 but just the IP of the HostOS (129.157.178.xxx).

Here is the principal configuration of my rc.firewall script:
------------------------------------------------------------------------------
PUBLIC_IP="192.168.172.2 192.168.172.3 192.168.172.4"
INET_IFACE="eth0"
LAN_IFACE="vmnet1"
LAN_BCAST_ADDRESS="192.168.172.255"

After I execute this script, I can't communicate with the external address from my HostOS with eth0.

Am I required to have two physical interfaces? One eth0 to enter the network 129.157.178.0, and another one eth1 to use with the bridge?

In fact, I am completely confused here, and here is what I want:
Continue to use my HostOS for access to the intranet (with my static IP 129.157.178.xxx) and internet.
Build a virtual honeynet with VMware on a Host-Only Networking 192.168.172.0.
For GenII, I need to use the firewall in bridge mode.
Allow my GuestOS to access the intranet 129.157.178.0 and more.

Can I use a virtual IP for my bridge to keep my eth1 with the IP address 129.157.178.xxx?

I hope that my requests are not bad. Please help me to find a solution for this situation.

Thanks in advance for your comments on this.

GR