Hi All,
I am now using mhoneyd-0.8. I have started arpd and
honeyd together in computer A in local network.
However, when I use nmap to scan the computer A, it
can response the services that I have started but IT
CANNOT DETECT THE OS!! What I mean can't detect the OS
is it replys the fingerprints. I have tested many
combination but it still gives me the fingerpring.
I will be appreciate to any helps! I have tried to
solve it for very long time!
Here is my config.
arpd:
./arpd -d -i eth0 192.168.0.0/24
honetd:
./honeyd -d -f honeyd.conf -p nmap.prints -i eth0
192.168.0.0/24
config file honeyd.conf
create template
set template personality "Check Point FireWall-1 4.0
SP-5 (IPSO build)"
add template tcp port 80 "sh scripts/web.sh"
add template tcp port 23 block
add template tcp port 22 "sh scripts/test.sh"
set template default tcp action reset
set template uid 32767
# Example of a simple host template and its binding
create win
set win personality "Microsoft Windows XP Professional
SP1"
add win tcp port 22 "sh scripts/test.sh $ipsrc $dport"
set win default tcp action reset
add win tcp port 23 proxy $ipsrc:23
add win udp port 53 proxy 141.211.92.141:53
add win tcp port 80 "scripts/iis/main.pl"
create solaris
set solaris personality "Sun Solaris 2.6"
set solaris default tcp action reset
add solaris tcp port 80 "sh scripts/web.sh"
add solaris tcp port 22 "sh scripts/test.sh"
add solaris tcp port 161 "sh scripts/default.snmp"
add solaris tcp port 113 reset
add solaris tcp port 1 reset
bind 192.168.0.30 template
bind 192.168.0.40 allopen
bind 192.168.0.50 win
bind 192.168.0.60 solaris
Best,
Fred
_________________________________________________________
必殺技、飲歌、小星星...
浪漫鈴聲 情心連繫
http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/
Received on Tue Mar 09 2004 - 12:41:16 PST
