Re: Honeyd-0.8 wrong respond

On Tue, Mar 09, 2004 at 06:25:35PM +0800, wan fat wu wrote:
> I am now using mhoneyd-0.8. I have started arpd and
> honeyd together in computer A in local network.
> However, when I use nmap to scan the computer A, it
> can response the services that I have started but IT
> CANNOT DETECT THE OS!! What I mean can't detect the OS
> is it replys the fingerprints. I have tested many
> combination but it still gives me the fingerpring.

The following diff solves the problem. A new release of
Honeyd is coming soon. Need to find some more time and
polish some of the new features.

Niels.

Index: honeyd.c
===================================================================
RCS file: /cvs/honeyd/honeyd.c,v
retrieving revision 1.187
retrieving revision 1.188
diff -u -r1.187 -r1.188
--- honeyd.c 6 Feb 2004 12:38:10 -0000 1.187
+++ honeyd.c 8 Feb 2004 11:17:07 -0000 1.188
@@ -1601,9 +1605,8 @@
                                  */
                                 if (tiflags & (TH_RST|TH_ACK))
                                         goto kill;
+ tiflags &= ~TH_FIN;
                         }
-
- tiflags &= ~TH_FIN;
 
                         /* Just drop the packet */
                         if (flags & TH_RST)
Received on Tue Mar 09 2004 - 14:14:15 PST