[Honeywall] No sebek data in walleye

Sachin inform.sachin at gmail.com
Thu Apr 12 02:24:14 CDT 2012


Hi Sir,

I have install honeywall roo-1.4.hw-200904251145538 on intel machine
which has 3 LAN cards.
Honeypot is able to communicate with LAN network. and I can see the
communications in walleye.

I have installed the latest windows sebek client in my Windows XP
honeypot machine and
I have followed all the instructions in the ReadMe file.
and configure sebek as:

mac add of eth1 of honeywall-
dest ip-
dt port-

i  have also configured sebek server using these parameters

dest ip-
dest port
sebek packet -accept and log

But Walleye there is no sebek data from windows honeypot.

Then, I ran the command on honeywall to see keystrokes of honeypot
but there is no output..

[root at localhost ~]# sbk_extract -i eth1 -p 1101 | sbk_ks_log.pl
 monitoring eth0: looking for UDP dst port 1101

I didn't get any data from honeypot.
Am I missing any step(s) here or some configurations ??

I request you to Please help me, regarding this issue, I will be very
thankfull for this.

Sincerely
Sachin Sonekar


More information about the Honeywall mailing list