[Honeywall] Virtualize honeypots in honeynet using VMware and Roo as honeywall

Steve Ng steve_njk at hotmail.com
Thu Dec 13 20:33:25 EST 2007


Hi guys,

I read about the guide of setting up honeypots via vmware but was quite unsuccessful.
My setup is like http://www.honeynet.pk/honeywall/roo/page2b.htm. 

Based on the guide, it state for my host OS(ROO) to have 2 bridge and 1 host-only adapter.
What I don't understand is that why is it that they put ethernet and ethernet1 as bridge and ethernet2 as host only.
>From my understanding of honeynet
1) Isn't eth1 which is the "ethernet1" in vmware supposed to connect to the honeypot, which is supposed to be host-only connection as it connect up to the other honeypots.
2) Likewise isn't "ethernet2" supposed to be connecting to the management interface? If so, what type of connection should I use? bridge or host-only?

I've followed the guide, my honeypots can ping one another but my "intruder" can't seems to ping them at all.
I read up about the different type of virtual adapter in vmware and realise that my honeypot is in a private virtual network, which make them unable to connect to the outside world vice verse? 
I'm able to access the management interface through my honeypots is it correct? From what I read about honeywall, the computer accessing the management interface has to plug into the eth2 port of the honeywall.

regards,
Steve
 
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://public.honeynet.org/pipermail/honeywall/attachments/20071214/1ada3808/attachment.html


More information about the Honeywall mailing list