Honeyd initial configuration Sep 06 2007 11:23AM
paavan shah gmail com
hello all!!

I am a newbie to honeypots.To learn honeypots I have installed honeyd 1.5c and arpd 0.2 on Fedora Core 4 VM.All the installation has been done successfully.

Now to test the honeyd installation I do following as per the paper "simulating networks with honeyd"

My honeyd ip is have setup my Fedora machine ip to for this.


contents of the honeyd.conf file I have created is:

create windows

set windows personality "Microsoft Windows XP Professional SP1"

add windows tcp port 139 open

add windows tcp port 137 open

add windows udp port 137 open

add windows udp port 135 open

set windows default tcp action reset

set windows default udp action reset

bind windows

bind windows

then I run honeyd with following command

#honeyd -f honeyd.conf

Now if I scan and using nmap then I should receive response,right?

On the same machine I have installed nmap.when I do a SynConnect or Syn stealth scan it does not show any of the machines as up.Even I am not getting ping replies from and

Please let me know where am I wrong????How do I know that the things I have setup are correct?I mean how can I check that arpd is replying to any requests in n/w.

Thanks in advance


[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus