Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

honeypots logo Honeypots mailing list archives

Unwanted traffic in honeynet
From: "Martin Kristensen" <martink () student hin no>
Date: Tue, 19 Apr 2005 11:37:56 +0200
Hello everyone
I thought the public_ip value set in the firewall scripts would stop traffic
that wasn't ment for the honeynet.
Our honeypots have public ip's like xxx.xx.124.14 and xxx.xx.124.15 with a
broadcast adress of xxx.xx.125.255.
The 124 and 125 net are the same so that the prefix would be xxx.xx.125/24
But we're getting unwanted traffic in our snort logs. Traffic that were ment
for other computers on the same lan, like xxx.xx.124.89
Have we configured something wrong in the scripts? Anyone experienced the
same?

Regards

Martin and Elena

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]