Honeyd Error While Running With Honeyd.conf In Kali Linux

Hi there once again.
Now I am getting this problem while running the cmd "honeyd -d -f honeyd.conf":
root@kali:/etc/honeypot# honeyd -d -f honeyd.conf
Honeyd V1.5c Copyright (c) 2002-2007 Niels Provos
honeyd[4726]: started with -d -f honeyd.conf
honeyd[4726]: listening promiscuously on eth0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip )) and not ether src 98:4b:e1:94:62:46
honeyd[4726]: [eth0] trying DHCP
honeyd[4726]: Demoting process privileges to uid 65534, gid 65534
honeyd[4726]: [eth0] got DHCP offer: 192.168.23.2
honeyd[4726]: Updating ARP binding: 00:00:24:26:26:1d -> 192.168.23.2
honeyd[4726]: arp reply 192.168.23.2 is-at 00:00:24:26:26:1d
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1

What does it mean? Because it starts to spam the terminal with such errors. Or is it not?

I think I have to edit the "honeyd.conf" file, but I have no clue.
The following is my honeyd configuration.

route entry 10.0.0.1
route 10.0.0.1 link 10.2.0.0/24
route 10.0.0.1 add net 10.3.0.0/16 10.3.0.1 latency 8ms bandwidth 10Mbps
route 10.3.0.1 link 10.3.0.0/24
route 10.3.0.1 add net 10.3.1.0/24 10.3.1.1 latency 7ms loss 0.5
route 10.3.1.1 link 10.3.1.0/24

# Example of a simple host template and its binding
create template
set template personality "Microsoft Windows XP Professional SP1"
set template uptime 1728650
set template maxfds 35
# For a complex IIS server
add template tcp port 80 "sh /usr/share/honeyd/scripts/win32/web.sh"
add template tcp port 22 "/usr/share/honeyd/scripts/test.sh $ipsrc $dport"
add template tcp port 23 proxy $ipsrc:23
add template udp port 53 proxy 141.211.92.141:53
set template default tcp action reset
# Use this if you are not running honeyd as 'honeyd' user:
# Debian-specific (use nobody = 65534 instead of 32767)
# set template uid 65534 gid 65534

create default
set default default tcp action block
set default default udp action block
set default default icmp action block

create windows
set windows personality "Microsoft Windows XP Professional SP1"
set windows default tcp action reset
add windows tcp port 135 open
add windows tcp port 139 open
add windows tcp port 445 open

set windows ethernet "00:00:24:ab:8c:12"
dhcp windows on eth0


urgent help needed please. thanks in advance


Similar Content



I Cannot Find My Honeyd Logs In Kali Linux

hey there
And again, I got stuck in this problem.
I could not find honeyd logs in var/logs/honeypot/
There isn't any file.

I ran honeyd with "honeyd -d -f honeyd.conf".
It works in the terminal, but there aren't any logs at all.

root@kali:/etc/honeypot# honeyd -d -f honeyd.conf
Honeyd V1.5c Copyright (c) 2002-2007 Niels Provos
honeyd[6952]: started with -d -f honeyd.conf
honeyd[6952]: listening promiscuously on eth0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip )) and not ether src 98:4b:e1:94:62:46
honeyd[6952]: [eth0] trying DHCP
honeyd[6952]: Demoting process privileges to uid 65534, gid 65534
honeyd[6952]: [eth0] got DHCP offer: 192.168.23.3
honeyd[6952]: Updating ARP binding: 00:00:24:8b:83:c3 -> 192.168.23.3
honeyd[6952]: arp reply 192.168.23.3 is-at 00:00:24:8b:83:c3
honeyd[6952]: Sending ICMP Echo Reply: 192.168.23.3 -> 110.44.116.18

After some research, I came to know that I should include "-l" to create logs,
but it showed me only this.

root@kali:/etc/honeypot# honeyd -l -d -f honeyd.conf
Honeyd V1.5c Copyright (c) 2002-2007 Niels Provos
honeyd[6960]: started with -l -d -f honeyd.conf
honeyd[6960]: listening promiscuously on eth0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip )) and not ether src 98:4b:e1:94:62:46
honeyd[6960]: [eth0] trying DHCP
Honeyd starting as background process
root@kali:/etc/honeypot#

so what could be the issue? Urgent help needed.
thanks in advance
P.S I am a linux newbie.

Problem With Honeyd Installation During "make" In Kali Linux

Hello there,
First of all thank you for making me a part of this forum.
Secondly, here is the problem..
I am facing this problem in honeyd installation during "make"

root@kali:~/Desktop/Narayan/honeyd-1.5c# sudo make
make all-recursive
make[1]: Entering directory `/root/Desktop/Narayan/honeyd-1.5c'
Making all in .
make[2]: Entering directory `/root/Desktop/Narayan/honeyd-1.5c'
gcc -DHAVE_CONFIG_H -I. -I. -I. -I./ -I./compat -I/usr/local/include -I/usr/local/include -I/usr/local/include -O2 -Wall -g -DPATH_HONEYDINCLUDE="\"/usr/local/include/honeyd\"" -DPATH_HONEYDDATA="\"/usr/local/share/honeyd\"" -DPATH_HONEYDLIB="\"/usr/local/lib/honeyd\"" -DHONEYD_PLUGINS_DECLARE="" -DHONEYD_PLUGINS="" -DPATH_RRDTOOL="\"\"" -c honeyd.c
In file included from honeyd.c:97:0:
tagging.h:89:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
tagging.h:89:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
In file included from stats.h:36:0,
from honeyd.c:98:
./compat/sha1.h:23:3: warning: ‘__bounded__’ attribute directive ignored [-Wattributes]
./compat/sha1.h:23:3: warning: ‘__bounded__’ attribute directive ignored [-Wattributes]
./compat/sha1.h:26:3: warning: ‘__bounded__’ attribute directive ignored [-Wattributes]
./compat/sha1.h:28:3: warning: ‘__bounded__’ attribute directive ignored [-Wattributes]
./compat/sha1.h:30:3: warning: ‘__bounded__’ attribute directive ignored [-Wattributes]
./compat/sha1.h:32:3: warning: ‘__bounded__’ attribute directive ignored [-Wattributes]
./compat/sha1.h:35:3: warning: ‘__bounded__’ attribute directive ignored [-Wattributes]
./compat/sha1.h:35:3: warning: ‘__bounded__’ attribute directive ignored [-Wattributes]
make[2]: *** [honeyd.o] Error 1
make[2]: Leaving directory `/root/Desktop/Narayan/honeyd-1.5c'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/root/Desktop/Narayan/honeyd-1.5c'
make: *** [all] Error 2

I found a similar thread in this forum that solves the above problem by using "apt-get install honeyd", but it didn't quite work for me.

root@kali:~/Desktop/Narayan/honeyd-1.5c# apt-get install honeyd
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package honeyd


I tried researching but couldn't find any solutions. Moreover, I am really a newbie at Kali Linux and other Debians as well.
I would appreciate it if someone could help me.
Thank you.

Slackware 14.1/adduser Command/session Files

Hello All,

Under root we create a user named "template" using the adduser command which is used to setup a kde GUI logon screen for all users. When a user's name is initially used to sign on we get a window on the GUI that states "Run as Template. The action you requested needs additional privileges. Please enter password for template." (Note: No password for template is used.) There are four files that have been observed:
/usr/bin/hp-systray-session (followed by numbers)
/usr/bin/akonadi_agent_launcher-session (followed by numbers)
/usr/bin/khelpcenter-session (followed by numbers)
/usr/bin/nepomukcontroller-session (followed by numbers).

When we log out then log back in, this window does not appear again on the GUI.

Any help for this one?

Thanks.

Regards,

Jeff

Grub-mkconfig Menu Changes

I want to change the menu on a Suse 12 Enterprise system.
I edit the /etc/default zipl2grub.conf file and execute grub2-mkconfig. Then I reboot the system and no changes occur. The zipl2grub.conf seems like the correct file to update, so I am at a loss as to what the correct process would be.

cat zipl2grub.conf
## This is the template for '@zipldir@/config' and is subject to
## rpm's %config file handling in case of grub2-s390x-emu package update.

[defaultboot]
defaultmenu = menu

[grub2]
target = @zipldir@
ramdisk = @zipldir@/initrd,0x2000000
image = @zipldir@/image
parameters = "root=@GRUB_DEVICE@ @GRUB_EMU_CONMODE@ @GRUB_CMDLINE_LINUX@ @GRUB_CMDLINE_LINUX_DEFAULT@ initgrub quiet splash=silent "

[skip-grub2]
target = @zipldir@
ramdisk = @zipldir@/initrd,0x2000000
image = @zipldir@/image
parameters = "root=@GRUB_DEVICE@ @GRUB_CONMODE@ @GRUB_CMDLINE_LINUX@ @GRUB_CMDLINE_LINUX_DEFAULT@ "

[test-grub2]
target = @zipldir@
ramdisk = @zipldir@/initrd,0x2000000
image = @zipldir@/image
parameters = "root=@GRUB_DEVICE@ @GRUB_CONMODE@ @GRUB_CMDLINE_LINUX@ @GRUB_CMDLINE_LINUX_DEFAULT@ "

:menu
target = @zipldir@
timeout = 16
default = 1
prompt = 1
1 = grub2
2 = skip-grub2
3 = test menu grub2

grub2-mkconfig -o /boot/grub2/grub.cfg

Generating grub configuration file ...
Found linux image: /boot/image-3.12.39-47-default
Found initrd image: /boot/initrd-3.12.39-47-default
Found linux image: /boot/image-3.12.28-4-default
Found initrd image: /boot/initrd-3.12.28-4-default
done

reboot

Storage cleared - system reset.
zIPL v1.24.1-38.17 interactive boot menu

0. default (grub2)

1. grub2
2. skip-grub2

Note: VM users please use '#cp vi vmsg <input> <kernel-parameters>'

Please choose (default will boot in 16 seconds):
Booting default (grub2)

Help On Rndc. Want To Control Remote Bind Server, But Cant....

Hi All,

Please help me. I'm following the book 'DNS and BIND, 5th Ed' by Paul Albitz and Cricket Liu. This RNDC is driving me crazy. I spent all day trying to configure rndc. Tried every possible combination in the config files, but I just can't control the remote server. Tried many tutorials from Google, nothing helped. LQ is my last hope.

So, my story goes like this...

MASTER BIND SERVER:
Host: toystory.movie.edu
IP: 10.249.249.3/24
OS: CentOS 7.1

SLAVE BIND SERVER:
Host: wormhole.movie.edu
IP: 10.249.249.2/24
OS: CentOS 6.6

MASTER SERVER (toystory) CONFIGURATION FILES:
Code:
[root@toystory ~]# cat /etc/rndc.conf
key "toystory-key" {
	algorithm hmac-md5;
	secret "K9qBsQwusP6430cykS2AeA==";
};
options {
	default-key "toystory-key";
	default-server 127.0.0.1;
	default-port 953;
};

[root@toystory ~]# cat /etc/named.conf
key "toystory-key" {
	algorithm hmac-md5;
	secret "K9qBsQwusP6430cykS2AeA==";
};
controls {
	inet 127.0.0.1 port 953
		allow { 127.0.0.1; } keys { "toystory-key"; };
};
key "wormhole-key" {
	algorithm hmac-md5;
	secret "7PvoY3oysQz8DyASiUTlNA==";
};
controls {
	inet 10.249.249.3 port 953
		allow { 10.249.249.2; } keys { "wormhole-key"; };
};

SLAVE SERVER (wormhole) CONFIGURATION FILES:
Code:
[root@wormhole ~]# cat /etc/rndc.conf
key "wormhole-key" {
	algorithm hmac-md5;
	secret "7PvoY3oysQz8DyASiUTlNA==";
};
options {
	default-key "wormhole-key";
	default-server 127.0.0.1;
	default-port 953;
};

[root@wormhole ~]# cat /etc/named.conf
key "wormhole-key" {
	algorithm hmac-md5;
	secret "7PvoY3oysQz8DyASiUTlNA==";
};
controls {
	inet 127.0.0.1 port 953
		allow { 127.0.0.1; } keys { "wormhole-key"; };
};
server 10.249.249.3 {
  keys { "wormhole-key"; };
};

TESTING:

MASTER (toystory):
Code:
[root@toystory ~]# rndc status
version: 9.9.4-RedHat-9.9.4-18.el7_1.1 <id:8f9657aa>
CPUs found: 1
worker threads: 1
UDP listeners per interface: 1
number of zones: 104
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running

[root@toystory ~]# rndc -s wormhole.movie.edu status
rndc: connect failed: 10.249.249.2#953: connection refused

SLAVE (wormhole):
Code:
[root@wormhole ~]# rndc status
version: 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.2
CPUs found: 1
worker threads: 1
number of zones: 22
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running

What am I doing wrong? Please help!!!

Thanks
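
Added example (not part of the original post): a short Python check that reads the "controls" statements from the two named.conf files shown above and reports whether an rndc client at a given address, aiming at a given server address with a given key name, would find a control channel that accepts it. It assumes literal IP addresses in "inet" and "allow" (no named ACLs, no comments in the file) and no host firewall in the path; the function names and result labels are hypothetical.

```python
import re

# Constructed input: the controls statements copied from the two named.conf
# files in the post (key statements left out, they are not needed here).
TOYSTORY = '''
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "toystory-key"; };
};
controls {
    inet 10.249.249.3 port 953
        allow { 10.249.249.2; } keys { "wormhole-key"; };
};
'''
WORMHOLE = '''
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "wormhole-key"; };
};
'''

# One "inet <addr> [port <n>] allow { ... } [keys { ... }]" control channel.
INET_RE = re.compile(
    r'inet\s+(?P<addr>\S+)(?:\s+port\s+(?P<port>\d+))?'
    r'\s+allow\s*\{(?P<allow>[^}]*)\}'
    r'(?:\s*keys\s*\{(?P<keys>[^}]*)\})?', re.S)


def _items(body):
    """Split a '{ a; "b"; }' body into bare element names."""
    return [x.strip().strip('"') for x in (body or "").split(";") if x.strip()]


def control_channels(conf):
    """Return every inet control channel declared in named.conf text."""
    return [{"listen": m["addr"],
             "port": int(m["port"] or 953),   # 953 is the rndc default port
             "allow": _items(m["allow"]),
             "keys": _items(m["keys"])}
            for m in INET_RE.finditer(conf)]


def diagnose(conf, client_ip, target_ip, key):
    """Classify what a remote rndc request runs into on this server."""
    # Only channels bound to the address the client connects to can answer.
    bound = [c for c in control_channels(conf)
             if c["listen"] in ("*", target_ip)]
    if not bound:
        return "no-listener"      # nothing bound there: TCP connect is refused
    by_addr = [c for c in bound
               if client_ip in c["allow"] or "any" in c["allow"]]
    if not by_addr:
        return "address-denied"   # listening, but the client is not in allow
    if not any(key in c["keys"] for c in by_addr):
        return "key-denied"       # address accepted, key name is not
    return "ok"


if __name__ == "__main__":
    # toystory (10.249.249.3) running: rndc -s wormhole.movie.edu status
    print(diagnose(WORMHOLE, "10.249.249.3", "10.249.249.2", "toystory-key"))
    # wormhole (10.249.249.2) aiming at toystory with wormhole-key
    print(diagnose(TOYSTORY, "10.249.249.2", "10.249.249.3", "wormhole-key"))
```

The same listing is useful as an audit of which addresses expose the control channel at all, since every non-loopback "inet" entry is a remotely reachable management port.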

Dhcpd On Opensuse 12.1 Does Not Hand Out Addresses

Hi all

I am trying out this dhcp server setup on opensuse 12.1 but it does not seem to be working.

I have eth0 configured to be 192.168.10.1 in a /24 network.

I want to hand out the rest of the address in the same subnet as dhcp addresses. (So everything from 10.2 to 10.255). The default gw is defined as 192.168.10.1, and routing table looks correct. and I only have eth0.


When I start the dhcp, and connect it to the client machine, I see nothing on the wireshark trace: no DHCP discovery or ack messages. And the client machine just keeps trying to boot from the network via the network interface. I know I got the right interface (there were blinky options in the BIOS that let you identify the correct interface) and the cable is not a problem. (If the cable were a problem, the client boot message would say "media fault ... please check media..." instead.)

Here is my dhcpd.conf file. I went through man dhcpd already, and cleaned out everything that I apparently don't need. (The original file was copied from a more complicated setup that had multiple subnets and dhcp relays.)

Code:
###################simplified
linux-kzy1:/var/lib/dhcp/db # cat /etc/dhcpd.conf
authoritative;

ddns-update-style none;
ddns-updates off;

#Information about the host
subnet 192.168.10.0 netmask 255.255.255.0 {
  max-lease-time 600;
  default-lease-time 600;
  range 192.168.10.2 192.168.10.255;
}

group esx_gep{
  filename "pxelinux.0";
  next-server 192.168.10.1; 
  host testserver1 {hardware ethernet a0:d3:c1:f7:f2:64;}
}

this is what /var/log/message and /var/log/rc.dhcpd.log says:
Code:
**************var log message
Mar 19 18:42:17 linux-kzy1 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Mar 19 18:42:17 linux-kzy1 dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Mar 19 18:42:17 linux-kzy1 dhcpd: Wrote 0 group decls to leases file.
Mar 19 18:42:17 linux-kzy1 dhcpd: Wrote 0 deleted host decls to leases file.
Mar 19 18:42:17 linux-kzy1 dhcpd: Wrote 0 new dynamic host decls to leases file.
Mar 19 18:42:17 linux-kzy1 dhcpd: Wrote 0 leases to leases file.
Mar 19 18:42:17 linux-kzy1 dhcpd: Listening on LPF/eth0/84:8f:69:cf:7c:41/192.168.10.0/24
Mar 19 18:42:17 linux-kzy1 dhcpd: Sending on   LPF/eth0/84:8f:69:cf:7c:41/192.168.10.0/24
Mar 19 18:42:17 linux-kzy1 dhcpd: Sending on   Socket/fallback/fallback-net
Mar 19 18:42:17 linux-kzy1 dhcpd[12233]: Starting ISC DHCPv4 4.x Server [chroot]..done
linux-kzy1:/home/test/Documents #


*****************var log rc.dhcpd.log
Mar 19 18:42:17 linux-kzy1 dhcpd: Internet Systems Consortium DHCP Server 4.2.2
Mar 19 18:42:17 linux-kzy1 dhcpd: Copyright 2004-2011 Internet Systems Consortium.
Mar 19 18:42:17 linux-kzy1 dhcpd: All rights reserved.
Mar 19 18:42:17 linux-kzy1 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Mar 19 18:42:17 linux-kzy1 dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Mar 19 18:42:17 linux-kzy1 dhcpd: Wrote 0 group decls to leases file.
Mar 19 18:42:17 linux-kzy1 dhcpd: Wrote 0 deleted host decls to leases file.
Mar 19 18:42:17 linux-kzy1 dhcpd: Wrote 0 new dynamic host decls to leases file.
Mar 19 18:42:17 linux-kzy1 dhcpd: Wrote 0 leases to leases file.
Mar 19 18:42:17 linux-kzy1 dhcpd: Listening on LPF/eth0/84:8f:69:cf:7c:41/192.168.10.0/24
Mar 19 18:42:17 linux-kzy1 dhcpd: Sending on   LPF/eth0/84:8f:69:cf:7c:41/192.168.10.0/24
Mar 19 18:42:17 linux-kzy1 dhcpd: Sending on   Socket/fallback/fallback-net
Mar 19 18:42:17 linux-kzy1 dhcpd[12233]: Starting ISC DHCPv4 4.x Server [chroot]..done
linux-kzy1:/home/test/Documents #

Not very interesting or useful stuff, but I found some other messages that are very interesting:

Code:
**********
#no free lease

linux-kzy1:/home/test/Documents # cat /var/log/messages | grep "free lease"
Mar 19 15:53:59 linux-kzy1 dhcpd: DHCPDISCOVER from a0:d3:c1:f7:f2:64 via eth0: network 192.168.10.0/24: no free leases
Mar 19 15:54:03 linux-kzy1 dhcpd: DHCPDISCOVER from a0:d3:c1:f7:f2:64 via eth0: network 192.168.10.0/24: no free leases
Mar 19 15:54:11 linux-kzy1 dhcpd: DHCPDISCOVER from a0:d3:c1:f7:f2:64 via eth0: network 192.168.10.0/24: no free leases
......
Mar 19 17:01:06 linux-kzy1 dhcpd: DHCPDISCOVER from a0:d3:c1:f7:f2:64 via eth0: network 192.168.10.0/24: no free leases
Mar 19 17:01:38 linux-kzy1 dhcpd: DHCPDISCOVER from a0:d3:c1:f7:f2:64 via eth0: network 192.168.10.0/24: no free leases
linux-kzy1:/home/test/Documents #

Which ties into my first question: dhcp no free lease. I googled a bit and found a post from a guy on Ubuntu who has the same error message, and the suggested course of action is to change ownership of the lease file to dhcpd and give it 777 for permission. Which I thought is weird, because the lease file is automatically created by the dhcpd itself, so it really shouldn't be a permission issue, should it? (Anyway, tried that, didn't do a thing.) Right now it is owned by root/root and has this permission: -rw-r--r--.

2nd question: once the client gets a reply from my dhcp server saying no free lease, does it remember this dhcp server as no free lease and does it persist throughout reboots? Because I tried rebooting the client a number of times and I don't see anything on the wireshark at all. You will notice the time stamp on the last "no free lease" message is not as late as the other messages from the var/log/messages or rc.dhcpd.log and I rebooted the client and the dhcp plenty of times since 17:01:38.



Thanks for all your help in advance everyone.

Trouble Configuring Vsftp

Using a Raspberry Pi w/ Debian

Read the manual and several "how-to"s and am getting nowhere

vsftp is running and making a log file. I can get to the Pi with putty or SAMBA

Ultimately want to be able to both (i) ftp in under the "pi" user to access files remotely and (ii) have people sending me huge files ftp them in anonymously

Have tried (i) the ftp client in Windows 7 Internet Explorer 11, (ii) the ftp client in the Windows 7 "map network drive" UI, and (iii) ES File Explorer on my Android phone.

The android phone tells me there is no server there. Windows 7 gets no password challenge, gives no error indication, but does nothing useful. The vsftpd log file shows some attempt by the Windows machine, nothing for the Android.

Config file and log file attached.

The Android is trying to use port 21, the config file mentions something about port 20. Which ports do I need to forward in my router to enable remote access?

Any help appreciated.

Thanks. Jonathan

Cannot Say Hello To The World Due To 'code 1'

/************************************************************
*
* Project 0: My First Program in C++
*
* Author: xxx xxxx
* Date: 18 January 2015
*
* This is the canonical first program for C++.
* Its purpose is to show that one knows how to create a program in
* one's particular programming environment.
*
************************************************************/

#include <bjarne/std_lib_facilities.h>

int main()
{
cout << "Hello, world!\n";

return 0;
}

I compiled the hello world program as my prof instructed.
Then I used C+c C+c, deleted 'make -k' and replaced it with 'g++ -o proj0 -std=c++11 proj0.cc', chose to save the file, and it goes 'compilation exited abnormally with code 1'.

Note that I do all this by making an SSH connection to a computer in the lab with a Linux system.

FYI, the whole thing is:

-*- mode: compilation; default-directory: "~/private/cs1/proj0/" -*-
Compilation started at Sun Jan 18 21:15:54

g++ -o proj0 -std=c++11 proj0.cc
In file included from /usr/include/c++/4.9.2/locale:41:0,
from /usr/include/c++/4.9.2/iomanip:43,
from /usr/local/include/bjarne/std_lib_facilities.h:220,
from proj0.cc:14:
/usr/include/c++/4.9.2/bits/locale_facets_nonio.h:1869:5: error: template-id do_get<> for String std::messages<char>::do_get(std::messages_base::catalog, int, int, const String&) const does not match any template declaration
messages<char>::do_get(catalog, int, int, const string&) const;
^
/usr/include/c++/4.9.2/bits/locale_facets_nonio.h:1869:62: note: saw 1 template<> , need 2 for specializing a member function template
messages<char>::do_get(catalog, int, int, const string&) const;
^

Compilation exited abnormally with code 1 at Sun Jan 18 21:15:55

Sending Mails With Port Number 587 Bash Script Help

Hi All,
We have some shell scripts which send emails about backups, alerts etc. using the mail command. Example:
Code:
echo "Test Mail" | mail -s "Test" me@mydomain.com

I guess the above command just connects to port number 25 of our mail server even if we do not define any port number. Now I would like to add the smtp port number as 587 in all of the bash scripts. I googled for this but could not find what I am expecting. So I am expecting your kind reply on how to define the smtp port number as 587 in all of the bash scripts.

Thanks in advance.

Urgent!! File Transfer From Windows To Linux Server Using Ftp

Dear All

I need your help.
I want to get a file from windows server using ftp.
Below is the script I have created but the connection is not established:

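#!/bin/sh

USER="username of windows server"
PASS="password"

# -n turns off auto-login so the "user" command below sends the credentials.
# lcd is an ftp client command, not a shell command, so it has to be
# issued inside the here-document together with the other ftp commands.
ftp -n "ip of windows server" <<EOF
user $USER $PASS
lcd "directory in linux server"
cd "C:\Users... directory in windows server where file is located"
bin
get test1234.txt
bye
EOF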

I hope somebody can help me!
BR,