Hi all,
I have a problem with Sebek client for Windows version 3.0.4 and 3.0.3.
I use Roo hw1.0-189 and the (virtual) honeypot is WinXP Pro sp2, executed with VMware Player (Host OS: WinXP home sp2).
I installed and configured Sebek client on my honeypot, but when I restarted it, the machine shown me a BSOD and, after a while, it tried to restart itself , but unsuccessful.
So, I restored the latest working configuration of WinXP, and this solved the problem: WinXP started correctly.
However, Sebek client didn't do his job: it didn't send any packet.
Afterward I tried to configure Sebek again, using the "Configuration Wizard" and this time WinXP didn't show any problem. However, Sebek client still don't work.
I have used both tcpdump and sbk_extract to check the existence of Sebek packets, but I did't find any.
Furthermore I have connected the honeypot with another machine in which there is Ethereal,but the result was the same.
This happen with both version 3.0.4 and version 3.0.3 (of course, I configured the Honeywall correctly).
I will be grateful to everyone that will help me.
Thanks.
Sam
Received on Oct 13 2006
Intro
