[Honeywall] Re: Virtual Honeynet deployment using Linux Host - honeywall 1.3 roo

Fahim Abbasi mailtofahim at gmail.com
Sat Jul 5 08:16:41 EDT 2008


Right, so if i setup the honeypot IP other than the vmnet1 IP subnet then it
should work? Previously i wasnt able to do so using that arrangement.

Just now I retested using 192.168.1.0/24 subnet, assignment is as follows:
Host eth0: 192.168.1.1
vmnet1: 192.168.2.1 (same as before)
xp-honeypot: 192.168.1.10 (previously was 2.10)
honeywall IP, Broadcast & CIDR updated to 192.168.1.0/24 subnet.

Now:

netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt
Iface
192.168.2.0     *               255.255.255.0   U         0 0          0
vmnet1
192.168.1.0     *               255.255.255.0   U         0 0          0
eth0
192.168.253.0   *               255.255.255.0   U         0 0          0
vmnet2

&

ifconfig
eth0      Link encap:Ethernet  HWaddr 00:02:3F:D9:87:02
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::202:3fff:fed9:8702/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:759 errors:0 dropped:0 overruns:0 frame:0
          TX packets:207 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:69429 (67.8 KiB)  TX bytes:32156 (31.4 KiB)
          Interrupt:19 Base address:0xc800

vmnet1    Link encap:Ethernet  HWaddr 00:50:56:C0:00:01
          inet addr:192.168.2.1

PROBLEMS:
1. Unable to ping from host-honeypot ( 192.168.1.1 - 192.168.1.10)
2. Unable to ping from honeypot to host ( 192.168.1.10 - 192.168.1.1 )
3. host eth0 pingeable from honeywall.
4. Unable to ping honeypot from honeywall

I wasnt having above problems using previous arrangement.

Let me try rephrase the question:
"Will honeynet roo work with a private network subnet at all? or will I have
to use public IPs even for testing purposes :S ?"


Thanks, Fahim


On Sat, Jul 5, 2008 at 10:24 PM, <honeywall-request at public.honeynet.org>
wrote:

> Date: Sat, 5 Jul 2008 16:24:02 +0600
> From: "Faiz Ahmad Shuja" <faiz.shuja at gmail.com>
> Subject: Re: [Honeywall] Virtual Honeynet deployment using Linux Host
>        -       honeywall 1.3 roo
> To: "Mailing list for users and developers of the Honeywall"
>        <honeywall at public.honeynet.org>
> Message-ID:
>        <46035c660807050324l48edc816t69095ff4d273c83a at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Do you have a router in the network to route traffic between virtual
> networks? Why the gateway for the interface on host OS is vmnet1? Both
> should be separate network. All the honeypots are usually connected to
> vmnet1 (host-only) and configured to have external IPs (same network as
> host
> OS eth0). Honeywall will do the bridging.
>
>
> Regards,
> Faiz
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://public.honeynet.org/pipermail/honeywall/attachments/20080706/f1bf849f/attachment.html


More information about the Honeywall mailing list