jatrost
commented
10 years ago Can you check this out and see if it helps?
Closed bensmith83 closed 10 years ago
jatrost
commented
10 years ago Can you check this out and see if it helps?
bensmith83
commented
10 years ago Ah, perfect - thank you for the help! The one section of the guide that I skipped. Worked like a charm. This project is fantastic, thanks for your work on it!
Do I need anything more than 10000/tcp open from sensor to server? i.e., do I need 3000 or 8181?
jatrost
commented
10 years ago On Thu, Jun 26, 2014 at 10:24 PM, bensmith83 notifications@github.com wrote:
Ah, perfect - thank you for the help! The one section of the guide that I skipped. Worked like a charm. This project is fantastic, thanks for your work on it!
Do I need anything more than 10000/tcp open from sensor to server? i.e., do I need 3000 or 8181?
— Reply to this email directly or view it on GitHub https://github.com/threatstream/mhn/issues/14#issuecomment-47301890.
I can't seem to get the dionaea sensor to show up under attacks in the web console. I've followed all of the troubleshooting steps. Port 10000 seems to be open, displays banner in netcat, and I can see the traffic in tcpdump on both the server and sensor. hpfeeds-broker.err last entries are:
INFO:root:Database ready. INFO:root:Auth success by.
INFO:root:Auth success by honeymap.
INFO:root:Auth success by .
INFO:root:Auth success by collector.
INFO:root:Auth success by geoloc.
INFO:root:Auth success by mnemosyne.
I turned DEBUG on in the /opt/mhn/server/config.py and restarted but still just that.
I have 80/tcp, 8181/tcp, 3000/tcp, 10000/tcp open from sensor to server, and all tcp and udp the other way. I tried opening everything from sensor to server also, just in case, but no effect.
What else can I do?