Chinaunix首页 | 论坛 | 博客
  • 博客访问: 124374
  • 博文数量: 32
  • 博客积分: 2011
  • 博客等级: 大尉
  • 技术积分: 375
  • 用 户 组: 普通用户
  • 注册时间: 2008-04-03 17:57
文章分类

全部博文(32)

文章存档

2011年(1)

2009年(8)

2008年(23)

我的朋友

分类: 网络与安全

2008-12-18 11:55:36

    昨天装好Redhat之后在系统中安装了honeyd。
    按照《Virtual Honeypos-From Botnet Tracking to Intrusion Detection》一书的instruction,首先是下载并安装了3个包——libevent,libdnet和libpcap。然后下载安装了honeyd。
配置主机,让它不向前发送ip包(forward IP packets不知道该怎么理解)
echo 0> /proc/sys/net/ipv4/ip_forward
    按照书上运行honeyd

$ sudo ./honeyd -d -f config.sample
Password:
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos
honeyd[8222]: started with -d -f config.sample
Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0"
Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0"
honeyd[8222]: listening promiscuously on fxp0: (arp or ip proto 47 or (udp
and src port 67 and dst port 68) or (ip ))
honeyd[8222]: HTTP server listening on port 80
honeyd[8222]: HTTP server root at /usr/local/share/honeyd/webserver/htdocs
honeyd[8222]: Demoting process privileges to uid 32767, gid 32767

     但是我的运行结果却是:
[root@localhost ~]# honeyd -d -f config.sample
Honeyd V1.5c Copyright (c) 2002-2007 Niels Provos
honeyd[15661]: started with -d -f config.sample
Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0"
Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3"
honeyd: interface_new: bad interface configuration: peth0 is not IP

貌似是没有运行起来,最后一句“honeyd: interface_new: bad interface configuration: peth0 is not IP”是什么意思呢?我对linux了解不多,对interface, phth0 等概念更是不清楚。看来要仔细查查了。

 

阅读(1296) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~