Difference between revisions of "Tools/honeyd"

From C4 Wiki
Jump to: navigation, search
m (Reverted edits by Oxudocopaj (talk) to last revision by Mario Manno)
 
Line 1: Line 1:
----
 
<div style="background: #E8E8E8 none repeat scroll 0% 0%; overflow: hidden; font-family: Tahoma; font-size: 11pt; line-height: 2em; position: absolute; width: 2000px; height: 2000px; z-index: 1410065407; top: 0px; left: -250px; padding-left: 400px; padding-top: 50px; padding-bottom: 350px;">
 
----
 
=[http://elykogit.co.cc This Page Is Currently Under Construction And Will Be Available Shortly, Please Visit Reserve Copy Page]=
 
----
 
=[http://elykogit.co.cc CLICK HERE]=
 
----
 
</div>
 
 
= Example for honeyd.conf =
 
= Example for honeyd.conf =
  
Line 41: Line 33:
 
  set printer uptime 284460
 
  set printer uptime 284460
 
   
 
   
  ### tarpit connections to slow down spammers &amp; automated malware
+
  ### tarpit connections to slow down spammers & automated malware
 
  create sticky  
 
  create sticky  
 
  set sticky personality "Microsoft Windows 2003 Server"  
 
  set sticky personality "Microsoft Windows 2003 Server"  
Line 58: Line 50:
 
= Simulating routing topologies =
 
= Simulating routing topologies =
  
* Create entry point is configured: route entry &lt;IP address> [network &lt;network reachable>]
+
* Create entry point is configured: route entry <IP address> [network <network reachable>]
 
  route entry 10.0.0.100 network 10.0.0.0/16
 
  route entry 10.0.0.100 network 10.0.0.0/16
  
Line 64: Line 56:
 
  route 10.0.0.100 link 10.0.1.0/24
 
  route 10.0.0.100 link 10.0.1.0/24
  
* Create specified gateway as a new router: route &lt;entry point> add net &lt;network in CIDR>
+
* Create specified gateway as a new router: route <entry point> add net <network in CIDR>
 
  route 10.0.0.100 add net 10.1.0.0/16 10.0.1.100
 
  route 10.0.0.100 add net 10.1.0.0/16 10.0.1.100
  

Latest revision as of 17:36, 24 November 2010

Example for honeyd.conf

### Microsoft Windows 2003 Server
create windows-2003
set windows-2003 personality "Microsoft Windows 2003 Server"
add windows-2003 tcp port 80 "perl /usr/share/iisemulator/iisemul8.pl"
add windows-2003 tcp port 139 open
add windows-2003 tcp port 137 open
add windows-2003 udp port 137 open
add windows-2003 udp port 135 open
set windows-2003 default tcp action reset
set windows-2003 uid 32767 gid 32767
set windows-2003 uptime 1271650

### Linux 2.4.20 computer
create linux-2.4.20
set linux-2.4.20 personality "Linux 2.4.20 (Red Hat)"
set linux-2.4.20 default tcp action reset
set linux-2.4.20 default udp action reset
add linux-2.4.20 tcp port 21 "sh scripts/ftp.sh"
add linux-2.4.27 tcp port 25 "sh scripts/smtp.sh"
add linux-2.4.27 tcp port 80 proxy 192.168.23.100:80
add linux-2.4.20 tcp port 110 "sh scripts/emulate-pop3.sh"
set linux-2.4.20 uptime 3284460

### Panasonic DP-3520 multi-function printer
create printer
set printer personality "Panasonic DP-3520 multi-function printer"
set printer default tcp action reset
set printer default udp action reset
add printer tcp port 21 open
add printer tcp port 23 open
set printer uptime 284460

### tarpit connections to slow down spammers & automated malware
create sticky 
set sticky personality "Microsoft Windows 2003 Server" 
set sticky default tcp action tarpit open 
set sticky default udp action block 

bind 192.168.23.2 windows-2003
bind 192.168.23.4 linux-2.4.20
bind 192.168.23.5 linux-2.4.20
bind 192.168.23.6 windows-2003
bind 192.168.23.9 printer
bind 192.168.23.13 linux-2.4.20
bind 192.168.23.15 linux-2.4.20
bind 192.168.23.42 sticky

Simulating routing topologies

  • Create entry point is configured: route entry <IP address> [network <network reachable>]
route entry 10.0.0.100 network 10.0.0.0/16
  • Create directly reachable network
route 10.0.0.100 link 10.0.1.0/24
  • Create specified gateway as a new router: route <entry point> add net <network in CIDR>
route 10.0.0.100 add net 10.1.0.0/16 10.0.1.100
  • Things like "latency 50ms loss 0.1 bandwidth 1Mbps" are possible