<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Honeypots: Walleye don't recognize sebek packet

Walleye don't recognize sebek packet

From: <mng3_at_libero.it>
Date: Thu, 19 Oct 2006 18:50:33 +0200

Hi,
I have a little problem with Walleye (I use roo-1.0.hw-189 with one Windows honeypot).
In fact, Walleye show *only one* Sebek record when the honeypot starts.

So, Walleye don't show the other sebek packets: they are considered as they were normal traffic.
I.e., the Sebek packet's source IP is the IP of the Honeypot (source port = 1101), it's destination IP and port are the IP and port that I've chosen.
So, the buttons for get additional information on Sebek data are not displayed.

Of course, I've indicated to the Honeywall the destination IP and port that Sebek client use.

Thanks

Regards
Received on Oct 19 2006

This message: [ Message body ]
Next message: Landon Lewis: "Re: EEye to build world's largest honeypot"
Previous message: Mark Ryan del Moral Talabis: "EEye to build world's largest honeypot"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos