I have confirmed my issue is related to Sebek like: luck00 luck00 luck00 at gmail.com Thu Sep 13 07:02:29 EDT 2007
and svoemel at rumms.uni-mannheim.de svoemel at rumms.uni-mannheim.de Mon Sep 10 06:51:51 EDT 2007 I was running a honeypot with Sebek and after it sent a packet the reporting stopped. I am running without Sebek on the client and I am fine. I will try to do more tests to figure out why this issue is occuring, although I dont know honeywall that well. Thanks, Brian On 10/3/07, Brian Toovey <[EMAIL PROTECTED]> wrote: > Hello list, > > I am a new poster, so try not to flame :) > > Question 1: > > I have setup the honeywall as described for vmware by the Pakistan team. > > I can see flows in and out of a winxp machine behind the honeywall > (192.168.1.60/24) to the public internet (all my machines are on a > 192.168.1.0/24) > > I have an attack machine on the untrust side of the honeywall > (192.168.1.70) which I ran the exploit for the 3com tftp server using > metasploit, spawning a vnc session. The exploit runs ok, and I see > some traffic logged via email alerts for outbound traffic, but I do > not see any connections in the Walleye flow view for this particular > traffic. > > Question 2: > > Is there a place honeypot/wall/net results are shared via the > community? For example vulnerability X is disclosed yesterday, found > exploited honeypot today, here are the results, etc? > > Brian > > -- > Brian Toovey > [EMAIL PROTECTED] > http://vulntrac.com > -- Brian Toovey [EMAIL PROTECTED] http://vulntrac.com _______________________________________________ Honeywall mailing list [email protected] https://public.honeynet.org/mailman/listinfo/honeywall
