honeyd and udp

Hi all,

My first post here...

I'm having difficulty getting "stuff" from honeyd using a shell script as a udp service.

Basically, I want to get a udp echo service working first so I can build upon that.

Here's what I'm working with (a modified version of echo.sh):


--------------------------------------------------------
LOG=logs/$1.log
DATE=`date "+%F %R:%S"`
echo "$DATE $0 $1 $2 $3 $4 started" >> $LOG
while read data
do
        DATE=`date "+%F %R:%S"`
        echo "$DATE $0 $1 $2 $3 $4 RX $data" >> $LOG
        echo "$data"
        DATE=`date "+%F %R:%S"`
        echo "$DATE $0 $1 $2 $3 $4 TX $data" >> $LOG
done
--------------------------------------------------------

When I use this and connect to it via a java-based udp echo client, it blocks on the read. If I change the read command to "read -n 1 data" I can get the initial character I sent; I would think that on subsequent loops, I'd receive the subsequent character, but the receive buffer appears to be cleared and I get the first character from the next transmission. Also, anything other than one character causes it to block on read.

I know udp is significantly different than tcp, but I can't figure out why I'm blocking on the initial input, even when I'm sending the newline as part of my message (which is only text).

Does honeyd do something different with udp packets on receive or can shell scripts not deal with them properly?

Thanks for any help,

Brad K.
brad -dot- kuntzelman {at} afit -dot- edu