Re: basic honeynet question

[Hugo Francisco González Robledo <hugo.gonzalez () itslp edu mx>]

I think you are wrong, you need some like that :


internet--router ---|eth0  honeywall  eth1|--honeypot

because, the honeywall is for contain the honeypot, not for all the net.

Regrets




On Fri, Apr 07, 2006 at 07:02:38PM -0600, mat wrote:
> so i have my honeynet set up like this...
>
> internet--|eth0  honeywall  eth1|--router--honeypot
>
> the router obtains an IP address correctly, but i cannot access the 
> internet with the honeypot box.  i have disabled snort-inline so the 
> packets should be sent.  anyone have any ideas?
>
>
>
>
> mr () simla colostate edu wrote:
> > im using the roo installation from www.honeynet.org and am having trouble 
> > understanding how the NIC cards are supposed to be set up.  they say 
> > * eth0 is the "Internet" or outside Interface
> > * eth1 is the LAN interface (Honeypot side)
> > * eth2 is the Management interface
> > * br0 is the virtual bridge interface (eth0 + eth1)
> >
> > but i dont completly understand what that means.  is eth0 where the 
> > incoming connection comes, then eth1 is where the outbound packets are 
> > sent? also, do i need to set up a gateway before the honeypot? or can i 
> > user a router? im just really confused about how the physical networking 
> > is supposed to be done.  could someone give me some help?  thanks in 
> > advance
> >  

-- 
Hugo Francisco González Robledo
Instituto Tecnológico de San Luis Potosí

Llave pública en http://ardilla.zapto.org

Excelente año 2006!

-------------------------------------------
Educación es lo que queda después de olvidar
lo que se ha aprendido en la escuela.
                Albert Einstein
-------------------------------------------