Hello list, I am a new poster, so try not to flame :)
Question 1: I have setup the honeywall as described for vmware by the Pakistan team. I can see flows in and out of a winxp machine behind the honeywall (192.168.1.60/24) to the public internet (all my machines are on a 192.168.1.0/24) I have an attack machine on the untrust side of the honeywall (192.168.1.70) which I ran the exploit for the 3com tftp server using metasploit, spawning a vnc session. The exploit runs ok, and I see some traffic logged via email alerts for outbound traffic, but I do not see any connections in the Walleye flow view for this particular traffic. Question 2: Is there a place honeypot/wall/net results are shared via the community? For example vulnerability X is disclosed yesterday, found exploited honeypot today, here are the results, etc? Brian -- Brian Toovey [EMAIL PROTECTED] http://vulntrac.com _______________________________________________ Honeywall mailing list [email protected] https://public.honeynet.org/mailman/listinfo/honeywall
