[Honeywall] Re: Virtual Honeynet deployment using Linux Host -
honeywall 1.3 roo
mailtofahim at gmail.com
Sat Jul 5 08:16:41 EDT 2008
Right, so if i setup the honeypot IP other than the vmnet1 IP subnet then it
should work? Previously i wasnt able to do so using that arrangement.
Just now I retested using 192.168.1.0/24 subnet, assignment is as follows:
Host eth0: 192.168.1.1
vmnet1: 192.168.2.1 (same as before)
xp-honeypot: 192.168.1.10 (previously was 2.10)
honeywall IP, Broadcast & CIDR updated to 192.168.1.0/24 subnet.
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt
192.168.2.0 * 255.255.255.0 U 0 0 0
192.168.1.0 * 255.255.255.0 U 0 0 0
192.168.253.0 * 255.255.255.0 U 0 0 0
eth0 Link encap:Ethernet HWaddr 00:02:3F:D9:87:02
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::202:3fff:fed9:8702/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:759 errors:0 dropped:0 overruns:0 frame:0
TX packets:207 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:69429 (67.8 KiB) TX bytes:32156 (31.4 KiB)
Interrupt:19 Base address:0xc800
vmnet1 Link encap:Ethernet HWaddr 00:50:56:C0:00:01
1. Unable to ping from host-honeypot ( 192.168.1.1 - 192.168.1.10)
2. Unable to ping from honeypot to host ( 192.168.1.10 - 192.168.1.1 )
3. host eth0 pingeable from honeywall.
4. Unable to ping honeypot from honeywall
I wasnt having above problems using previous arrangement.
Let me try rephrase the question:
"Will honeynet roo work with a private network subnet at all? or will I have
to use public IPs even for testing purposes :S ?"
On Sat, Jul 5, 2008 at 10:24 PM, <honeywall-request at public.honeynet.org>
> Date: Sat, 5 Jul 2008 16:24:02 +0600
> From: "Faiz Ahmad Shuja" <faiz.shuja at gmail.com>
> Subject: Re: [Honeywall] Virtual Honeynet deployment using Linux Host
> - honeywall 1.3 roo
> To: "Mailing list for users and developers of the Honeywall"
> <honeywall at public.honeynet.org>
> <46035c660807050324l48edc816t69095ff4d273c83a at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
> Do you have a router in the network to route traffic between virtual
> networks? Why the gateway for the interface on host OS is vmnet1? Both
> should be separate network. All the honeypots are usually connected to
> vmnet1 (host-only) and configured to have external IPs (same network as
> OS eth0). Honeywall will do the bridging.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Honeywall