Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

honeypots logo Honeypots mailing list archives

hybrid virtual honeynets
From: Angel Avila <darthspud () yahoo com>
Date: Thu, 23 Sep 2004 20:59:30 -0700 (PDT)
Hi, I've recently became real interested in honeynets.
 I am trying to build a hybrid virtual honeynet.  I've
been following the KYE: Gen II honeynet and Learning
with VMWare whitepaper as guides for the development.
 
The question I have pertains to bridging.  Will I have
to have a bridge running on both machines (gateway,
hostOS of honeypots)?  How does running a hybrid
affect running tools like sebek or rc.firewall script?
 
I am assuming that on the gateway side I will have the
rc.firewall's LAN_IFACE variable and bridge interface
set to ETH1 (my gateway only has 2 eth cards).  This
will be the same for the other tools such as
snort_inline and snort.
 
I am not sure on the hostOS side. 
 
I've kinda gotten confused, since I am trying to
follow the two whitepapers.
 
I would appreciate any suggestions.
 
Thanks
 


                
__________________________________
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
http://promotions.yahoo.com/new_mail

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]