On 10/16/07, Rob McMillen <[EMAIL PROTECTED]> wrote: > List, > I am trying to fix the issue with the lack of data showing up on > the UI after 24 hours. Can some of the folks having this issue tell > me a little about their setup and the type of activity they see on > their honeypots? The OS of the honeypots etc? Would help me recreate > this issue. > On another note, I have noticed that the IDS alerts are not > showing up on the UI. Other folks seeing this?
I have a honeypot with debian and sebek, I never saw any sebek traffic on the web console, and even ssh to the honeypot doesn't show anything, I think the problem was on the roo box, with tcpdump I could see the sebek traffic, but nothing was catched, and ps showed that sebek server was trying to be run on eth1, instead of eth2 (I think). I never saw any snort alert either, I could only run snort on dumps. Max -- <?php $signautre = null; echo $signature; _______________________________________________ Honeywall mailing list [email protected] https://public.honeynet.org/mailman/listinfo/honeywall
