[Honeywall] Sebek Questions

Jefferson, Shawn Shawn.Jefferson at bcferries.com
Tue Aug 4 16:45:58 EDT 2009

Hi, a couple of questions:

I'm trying to get Sebek installed on Ubuntu, but I'm having some problems.  I swore I compiled and installed in on 8.04 awhile ago, but can't seem to get it to compile now.  The configure script complains about missing include files.  I have installed the linux-headers-server package.  Is there a magical combination of Ubuntu version/kernel version that works with the latest development trunk (version 33 I think).  I did get it to compile with one combination of Ubuntu version and kernel, but the module seg faulted every time when inserting it with the sbk_install script.

Another question, my Honeywall is sending me alerts on outbound connection attempts.  I have a Windows XP honeypot that likes to broadcast to .255 for name resolution and this is sending many alerts per day.  Has anyone done anything to ignore these, or have any suggestions?

Shawn Jefferson

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://public.honeynet.org/pipermail/honeywall/attachments/20090804/b9fa8688/attachment.html

More information about the Honeywall mailing list