Chinaunix

标题: 谁用过honeyd，帮忙，谢谢！ [打印本页]

---

作者: jupiters    时间: 2005-02-23 12:22
标题: 谁用过honeyd，帮忙，谢谢！
我安装honeyd 1.0，但是配置后的启动总是
honeyd[2624]: Connection to closed port: udp (211.68.71.4:53 - 59.64.156.207:1726)

我的配置文件内容是：
### Linux 2.4.x computer
create linux
set linux personality "Linux 2.4.16 - 2.4.18"
set linux default tcp action reset
set linux default udp action reset
add linux tcp port 21 "sh ftp.sh"
set linux uptime 3284460
bind 59.64.156.140 linux

我的ip 地址是59.64.156.204,虚拟59.64.156.140位一个ftp server.但总是出错
我启动honeyd的命令是：
honeyd -d -p nmap.prints -f confhoney -x xprobe2.conf -a nmap.assoc 59.64.156.140-141

输出结果是：

1. Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos
   
2. honeyd[2678]: started with -d -p nmap.prints -f confhoney -x xprobe2.conf -a nmap.assoc 59.64.156.140-59.64.156.141
   
3. Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0"
   
4. Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3"
   
5. honeyd[2678]: listening promiscuously on eth0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (dst net 59.64.156.140/31))) and not ether src 00:0c:29:4d:8e:72
   
6. honeyd[2678]: HTTP server listening on port 80
   
7. honeyd[2678]: HTTP server root at /usr/local/share/honeyd/webserver/htdocs
   
8. honeyd[2678]: Demoting process privileges to uid 32767, gid 32767
   
9. honeyd[2678]: update_check: failed to resolve host.
   
10. honeyd[2678]: Connection to closed port: udp (59.64.156.1:67 - 255.255.255.255:68)
    
11. 不停循环....

复制代码

用ftp和ping 来访问虚拟ip 59.64.156.140，报告主机没有启动。

由谁来指导一下？
谢谢

---

欢迎光临 Chinaunix (http://bbs.chinaunix.net/)

Powered by Discuz! X3.2