Honeypots: Re: honeyd 1.0 and rrdtool error

[Chris <list.traffic () frys com>]

I am also having trouble with the iis webserver, when I try to connect  
from a remote host using the opera web browser I get the following error  
from syslog.  I have commented out the 127.0.0.1 block in server.pl. The  
files are owned by owner and group honeyd and I have used the -u and -g  
options on honeyd startup.
Jan 14 06:21:51 dracula honeyd[2421]: E(198.92.224.12:32985 -  
10.0.1.51:80): honeyd: cmd_fork: execv(scripts/iis-0.95/iisemul8.pl):  
Permission denied
Jan 14 06:21:51 dracula honeyd[2421]: E(198.92.224.12:32986 -  
10.0.1.51:80): honeyd: cmd_fork: execv(scripts/iis-0.95/iisemul8.pl):  
Permission denied
Jan 14 06:21:51 dracula honeyd[2421]: E(198.92.224.12:32987 -  
10.0.1.51:80): honeyd: cmd_fork: execv(scripts/iis-0.95/iisemul8.pl):  
Permission denied
Jan 14 06:21:51 dracula honeyd[2421]: E(198.92.224.12:32988 -  
10.0.1.51:80): honeyd: cmd_fork: execv(scripts/iis-0.95/iisemul8.pl):  
Permission denied
Jan 14 06:21:51 dracula honeyd[2421]: E(198.92.224.12:32989 -  
10.0.1.51:80): honeyd: cmd_fork: execv(scripts/iis-0.95/iisemul8.pl):  
Permission denied
Thanks for your help

On Wed, 5 Jan 2005 11:26:07 -0600, Williams Jon  
<WilliamsJonathan () JohnDeere com> wrote:
> Confirmed.  I commented out the block checking the client IP address to
> see if it was 127.0.0.1, and now the page comes up.
>
> Thanks for the pointer!
>
> Jon
>
> -----Original Message-----
> From: William Meloney VII [mailto:bmeloney () mindspring com]
> Sent: Wednesday, January 05, 2005 11:02 AM
> To: honeypots () securityfocus com
> Subject: RE: honeyd 1.0 and rrdtool error
>
> 127.0.0.1 is hardcoded into the python webserver script.  You have to be
> on the machine running honeyd to access the pages... until you
> un-hardcode the address...
>
> HTH
>
> - WMVII


--
Using Opera's revolutionary e-mail client: http://www.opera.com/m2/