<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Honeypots: Unwanted traffic in honeynet

Unwanted traffic in honeynet

From: Martin Kristensen <martink_at_student.hin.no>
Date: Tue, 19 Apr 2005 11:37:56 +0200

Hello everyone
I thought the public_ip value set in the firewall scripts would stop traffic
that wasn't ment for the honeynet.
Our honeypots have public ip's like xxx.xx.124.14 and xxx.xx.124.15 with a
broadcast adress of xxx.xx.125.255.
The 124 and 125 net are the same so that the prefix would be xxx.xx.125/24
But we're getting unwanted traffic in our snort logs. Traffic that were ment
for other computers on the same lan, like xxx.xx.124.89
Have we configured something wrong in the scripts? Anyone experienced the
same?

Regards

Martin and Elena
Received on Apr 19 2005

This message: [ Message body ]
Next message: Diego Gonzalez Gomez: "Re: Unwanted traffic in honeynet"
Previous message: Janvi Badlaney: "Problems running FTP.sh"
Next in thread: Diego Gonzalez Gomez: "Re: Unwanted traffic in honeynet"
Reply: Diego Gonzalez Gomez: "Re: Unwanted traffic in honeynet"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]