Honeypots mailing list archives
Honeyd-0.8 wrong respond
From: wan fat wu <thizthiz () yahoo com hk>
Date: Tue, 9 Mar 2004 18:25:35 +0800 (CST)
Hi All, I am now using mhoneyd-0.8. I have started arpd and honeyd together in computer A in local network. However, when I use nmap to scan the computer A, it can response the services that I have started but IT CANNOT DETECT THE OS!! What I mean can't detect the OS is it replys the fingerprints. I have tested many combination but it still gives me the fingerpring. I will be appreciate to any helps! I have tried to solve it for very long time! Here is my config. arpd: ./arpd -d -i eth0 192.168.0.0/24 honetd: ./honeyd -d -f honeyd.conf -p nmap.prints -i eth0 192.168.0.0/24 config file honeyd.conf create template set template personality "Check Point FireWall-1 4.0 SP-5 (IPSO build)" add template tcp port 80 "sh scripts/web.sh" add template tcp port 23 block add template tcp port 22 "sh scripts/test.sh" set template default tcp action reset set template uid 32767 # Example of a simple host template and its binding create win set win personality "Microsoft Windows XP Professional SP1" add win tcp port 22 "sh scripts/test.sh $ipsrc $dport" set win default tcp action reset add win tcp port 23 proxy $ipsrc:23 add win udp port 53 proxy 141.211.92.141:53 add win tcp port 80 "scripts/iis/main.pl" create solaris set solaris personality "Sun Solaris 2.6" set solaris default tcp action reset add solaris tcp port 80 "sh scripts/web.sh" add solaris tcp port 22 "sh scripts/test.sh" add solaris tcp port 161 "sh scripts/default.snmp" add solaris tcp port 113 reset add solaris tcp port 1 reset bind 192.168.0.30 template bind 192.168.0.40 allopen bind 192.168.0.50 win bind 192.168.0.60 solaris Best, Fred _________________________________________________________ 必殺技、飲歌、小星星... 浪漫鈴聲 情心連繫 http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/
Current thread:
- Honeyd-0.8 wrong respond wan fat wu (Mar 09)
- Re: Honeyd-0.8 wrong respond Niels Provos (Mar 09)