Back to list
honeyd and prelude
Sep 18 2007 01:39PM
OÄ?uz YarÄ±mtepe (comp ogz gmail com)
I checked the honyd forums and everyone asking the same thing.
I installed honeyd to Debian etch. The version is 1.5b. After configuring
honeyd.conf and running it, i decided to log to the prelude and see the
details at prewikka. I checked the web and found that after writing to the
prelude-lml.conf some regular expressions and registering to prelude i will
be able to see the agents at prewikka.
I added some entries to the prelude-lml.conf:
prefix-regex = "honeydlog(started|stopped)------;
classification.text=Honeypotlog$1; id=2611; revision=1;
file = /var/log/honeypot/honeyd.log
(to see the whole prelude-lml.conf check here please:
and registered using prelude-adduser register ...
But i still dont see my agent on the prewikka. I think i am missing something.
I will be happy if someone tells me how will i enable honeyd as a sesor to
[ reply ]
Copyright 2010, SecurityFocus