DataSoft / Honeyd

virtual honeypots
GNU General Public License v2.0

Ports are still open #93

Open neoxedneox opened 7 years ago

neoxedneox commented 7 years ago

Hello everyone,

I installed HoneyD on a VM from "https://github.com/DataSoft/Honeyd". My issue starts after running HoneyD with "honeyd -d -f /etc/honeypot/honeyd.conf".

honeyd.conf:

create default
set default default tcp action filtered
set default default udp action filtered
set default default icmp action filtered

create windows
set windows default tcp action filtered <= Corrected
set windows default udp action filtered
set windows default icmp action closed
set windows personality "Microsoft Windows 7 SP1"
add windows tcp port 135 open
add windows tcp port 139 open
add windows tcp port 445 open
set windows ethernet "hp"
bind 192.168.0.115 windows

After an nmap scan on another VM (both on the same network) I get:

honeyd[4708]: Connection request: tcp (192.168.0.105:43220 - 192.168.0.115:40193)
honeyd[4708]: Connection dropped by reset: tcp (192.168.0.105:43220 - 192.168.0.115:30000)
honeyd[4708]: Connection request: tcp (192.168.0.105:43220 - 192.168.0.115:3690)
honeyd[4708]: Connection request: tcp (192.168.0.105:43220 - 192.168.0.115:51103)
honeyd[4708]: Connection dropped by reset: tcp (192.168.0.105:43220 - 192.168.0.115:40193)
honeyd[4708]: Connection dropped by reset: tcp (192.168.0.105:43220 - 192.168.0.115:3690)

Then the nmap output shows that every port is open.

What am I doing wrong?

Thanks for your attention.

neoxedneox commented 7 years ago

Update: I'm blind :/ I forgot the "e" in "set windows default tcp action filtred". I added it: "set windows default tcp action filtered".

I tested again and got this from nmap:

Nmap scan report for 192.168.0.115
Host is up (0.072s latency).
All 1000 scanned ports on 192.168.0.115 are filtered

Update 2: It's working now, but I always have to run nmap twice to scan the IP. Any ideas why this happens? And when I try to connect to the FTP port (I added port 21 to the configuration) I get:

honeyd[7050]: Killing unknown connection: tcp (192.168.121.132:59102 - 192.168.121.172:21)
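
The misspelled action keyword reported in the first update ("filtred") can be caught before the honeypot is started. The following pre-flight check is an added example, not part of the thread and not Honeyd code; the function name `lint` and the accepted keyword sets are assumptions taken only from the configuration posted above, and the sample input is constructed.

```python
import difflib
import re

# Assumption: only keywords that appear in this thread's config are listed;
# extend both sets to match the grammar of the honeyd build you run.
KNOWN_ACTIONS = {"open", "closed", "filtered"}
KNOWN_PROTOS = {"tcp", "udp", "icmp"}

# Each rule captures (template, protocol, action text to end of line).
RULES = [
    re.compile(r"^set\s+(\S+)\s+default\s+(\S+)\s+action\s+(.+)$"),
    re.compile(r"^add\s+(\S+)\s+(\S+)\s+port\s+\d+\s+(.+)$"),
]

def lint(conf_text):
    """Return [(line_no, message)] for action lines this checker cannot vouch for."""
    findings, templates = [], set()
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        words = line.split()
        if words[0] == "create" and len(words) == 2:
            templates.add(words[1])
            continue
        for rule in RULES:
            m = rule.match(line)
            if not m:
                continue
            template, proto, action = m.groups()
            if template not in templates:
                findings.append((no, f"template '{template}' used before 'create'"))
            if proto not in KNOWN_PROTOS:
                findings.append((no, f"unknown protocol '{proto}'"))
            # Quoted actions are treated as script commands and are not checked.
            if not action.startswith('"') and action not in KNOWN_ACTIONS:
                hint = difflib.get_close_matches(action, sorted(KNOWN_ACTIONS), n=1)
                suffix = f", did you mean '{hint[0]}'?" if hint else ""
                findings.append((no, f"unknown action '{action}'{suffix}"))
    return findings

# Constructed sample: the thread's template with the original typo restored,
# plus one rule for a template that was never created.
SAMPLE = """\
create windows
set windows default tcp action filtred
set windows default udp action filtered
set windows default icmp action closed
add windows tcp port 135 open
add linux tcp port 21 open
bind 192.168.0.115 windows
"""

if __name__ == "__main__":
    for no, msg in lint(SAMPLE):
        print(f"honeyd.conf:{no}: {msg}")
```

Anything after the action keyword on the same line, such as an inline annotation, is reported as an unknown action as well.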