Security :: Real System In Between Honeypot Monitoring Range / "Connection Timed Out"?

Dec 6, 2010

I am, just out of curiosity, working with a honeypot and found there are two ways for arpd to route the unused IPs to the honeypot: with blackhole and ARP spoofing. Now, to test, I am ARP spoofing 5 machines from 192.168.100.41 to .45, and the honeypot is monitoring this range too. But I have set up a real machine with a web server in between this range and gave it IP address 192.168.100.45. Now logically, as arp and honeypot are both monitoring this range, they capture this request as below from the log:

Code:

arpd[1690]: arpd_lookup: no entry for 192.168.100.45
arpd[1690]: arpd_send: who-has 192.168.100.45 tell 192.168.100.10
arpd[1690]: arpd_send: who-has 192.168.100.45 tell 192.168.100.10
arpd[1690]: arp reply 192.168.100.45 is-at 08:00:27:00:76:e5
arpd[1690]: arp reply 192.168.100.45 is-at 08:00:27:00:76:e5
code....

Now arpd is redirecting the traffic to honeypot machine as there is a real system with real MAC address. But from 192.168.200.10 I can also view the webpage of 192.168.100.45 machine. But most of the time it says "Connection Timed out".

Should it be acting like this or it shouldn't be showing me the webpage at all?


Security :: Sample Attack On Honeypot System?

Nov 23, 2010

I have implemented two machines, one for the honeypot (192.168.100.10) and another (192.168.100.20) to remotely log the honeypot log file using syslog. Inside the honeypot I emulated another 3 machines with services on virtual IPs of that same block. Now the honeypot is working and I can see the logs being generated, as I did a port scan (nmap) on those virtual IPs from the .20 machine. All of the machines are running Ubuntu.

But does anyone know any s/w or tools which originally attackers use so that I can get a clear picture of what happens from the logs. Having problems creating these attack scenarios.


Fedora Security :: File Access Honeypot For Server?

Mar 24, 2011

I'm trying to find a file access honeypot for our Fedora server. That is, if a local file is accessed, it should notify someone. Plain and simple.


Ubuntu Security :: Sudo Apt-get Update The Update Failed Because The Connection To The India Mirror Timed Out

Jun 1, 2010

I am from India, and I tried to update my Ubuntu system today.

Code:
$ sudo apt-get update

The update failed because the connection to the India mirror timed out:

Code:
[URL] Could not connect to in.archive.ubuntu.com:80 (111.91.91.37). - connect (110: Connection timed out)

I tried the update a few times, with the same result every time.

I had firestarter running at this time, and noticed that I would get new security events every time I tried an update. I checked the events list, and it turned out that the machine at the IP address 111.91.91.37 (the in.archive.ubuntu.com machine, to go by the above error message) had been trying to make connections to seemingly random ports on the machine every time I tried the update: see the attached screenshot. I then changed my repositories to the Main Server using Synaptic, and tried the update again (from the command line). This time it worked without a hitch, and firestarter did not report any unwanted incoming connection. Why is the India mirror trying to open connections that the Main server apparently does not need in order for me to do the update? Should I (we) be concerned?


Ubuntu Security :: Ssh: Connect To Host "server" Port 22: Connection Timed Out

Jul 13, 2010

When I run:

ssh -v "login"@"server"

I get:

OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to server ["address"] port 22.
debug1: connect to address "address" port 22: Connection timed out
ssh: connect to host "server" port 22: Connection timed out

I suppose this is because I am connecting from a public institute where there is a firewall that is blocking an outbound connection on port 22. Is there any way I can bypass the firewall using the internet?


Security :: Low Interaction Honeypot (based On Nepenthes) Worm Infection?

May 19, 2010

I have snipped part of the log I captured on my honeypot and need a recommendation on what is going on. The infected computer is located at address ${ADDRESS}. A quick check of my low-interaction honeypot (based on nepenthes) gives the following data. I know it's a worm, but what is going on? Thanks in advance.

linux-sqos:/opt/nepenthes/var/log # cat nepenthes.log
<snip>
[18032007 02:26:03 info module] 76 4
[18032007 02:26:03 info module] SMB Session Request 76
H CKFDENECFDEFFCFGEFFCCACACACACACA
code....


Networking :: Squid Real Time Monitoring

Feb 7, 2010

Is there any web tool that provides real-time squid user utilization and website access?


Networking :: Unable To NFS Mount .ERROR - Mount: RPC - Remote System Error - Connection Timed

May 6, 2010

Unable to mount NFS server on the client.

Getting the following error.

mount: RPC: Remote system error - Connection timed out


General :: Lpq Printer 'sdst@other.domain' - Cannot Open Connection - Connection Timed Out Make Sure LPD Server Is Running On The Server

Mar 23, 2011

Linux printing appeared to be working fine up until yesterday. Today typing lpq gives the following: lpq Printer 'sdst@other.domain' - cannot open connection - Connection timed out Make sure LPD server is running on the server

The /etc/cups/printers.conf file is properly set, the printers appear in localhost:631 and they are printing test pages. However, all command line print commands seem to be trying to print to sdst@other.domain. I don't know why printers.conf is being ignored and why and how sdst@other.domain was added. Seems like it might have been auto-discovered?

Edit: sdst@other.domain was mentioned in /usr/local/etc/lpd.conf. I'm not sure why lpd.conf is being used instead of /etc/cups/printers.conf


General :: PPPOE Connection Timed Out

Apr 24, 2011

PPPOE connection timed out. I have downloaded the rp-pppoe utility and installed it for a PPPOE connection. I followed the instructions given with the utility. I ran pppoe-setup and gave all the required parameters, like service name, username, password, firewall as none, dsn as server and all the options. Finally I got the message: congratulations, you have successfully set up the pppoe connection. You can use pppoe-start and pppoe-status.


General :: Ssh Port 22 Connection Timed Out

Mar 21, 2011

I have two PCs, A and B; both are connected via LAN. PC A configuration is

IP Address 10.102.6.232
Broadcast Address 10.102.6.255
Subnet Mask 255.255.255.0
Default Route 10.102.6.2
Primary DNS 144.16.192.55
[Code]...

I am trying to connect to B from A using the command ssh -X devendra@144.16.205.236, and am facing an error like ssh port 22 connection timed out.


CentOS 5 Server :: SSH - Connection Timed Out

Nov 4, 2010

I have SSH running on port 8662 and 22. I use 8662 for the outside world (eth0 which is 192.168 network). Here are the only lines I have changed in sshd_config:

Port 22
Port 8662
#Protocol 2,1

[code]....

BTW, ports forwarded on my firewall, checked and triple checked it.


Red Hat / Fedora :: IPtables And Using FTP Command - Connection Timed Out

Mar 8, 2010

I am building a system that includes 1 firewall server using iptables, 1 web server and 1 FTP server. On the FTP server (IP: 192.168.1.2 - GW: 192.168.1.1), I installed ProFTPD successfully. In the LAN I can do everything successfully.

On Firewall server <IP PUBLIC> on eth0 && IP LAN eth1: 192.168.1.1
Iptables rules:
Code:
# Generated by iptables-save v1.3.5 on Sun Mar 7 21:01:16 2010
*nat
:PREROUTING ACCEPT [950:126970]
:POSTROUTING ACCEPT [89:5880]
:OUTPUT ACCEPT [19:1342]
-A PREROUTING -d <IP PUBLIC> -i eth0 -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.1.2:21
-A POSTROUTING -s 192.168.1.2 -o eth0 -j SNAT --to-source <IP PUBLIC>
COMMIT
# Completed on Sun Mar 7 21:01:16 2010
# Generated by iptables-save v1.3.5 on Sun Mar 7 21:01:16 2010
*filter
:INPUT DROP [1599:157409]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [232:34452]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A FORWARD -i eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o eth1 -j ACCEPT
COMMIT
# Completed on Sun Mar 7 21:01:16 2010

On the FTP server, I can access the internet fine.
I checked port 21 on IP PUBLIC; it returns Open.

But when I use the ftp command, it shows:

Code:
Connected to <IP PUBLIC>.
220 ProFTPD 1.3.3 Server (FTP Server) [192.168.1.2]
User (<IP PUBLIC>:(none)): longvnit
331 Password required for longvnit
Password:
230 User longvnit logged in
ftp> dir
200 PORT command successful
Aborting any active data connections...
ftp> bye

C:\Documents and Settings\LONGVNIT>ftp <IP PUBLIC>
Connected to <IP PUBLIC>.
220 ProFTPD 1.3.3 Server (FTP Server) [192.168.1.2]
User (<IP PUBLIC>:(none)): longvnit
331 Password required for longvnit
Password:
230 User longvnit logged in
ftp> dir
200 PORT command successful
425 Unable to build data connection: Connection timed out
ftp> dir
200 PORT command successful
425 Unable to build data connection: Connection timed out
ftp>


Red Hat / Fedora :: Connection Timed Out When Trying To Connect To Via Putty?

Jul 4, 2011

When I try to connect via PuTTY from a Windows machine I get "PuTTY Fatal error connection timed out". I try to do so via a router redirecting IPadr:86 to local adr:22 on the Linux machine.

It seems not to be a routing issue since the router is set up to redirect apparently correctly.

Well, I have stopped iptables and selinux is disabled. The sshd daemon is running. I can log on with ssh locally "ssh webcamATlocal adr".


Networking :: Nslookup Returns Connection Timed Out

Feb 4, 2011

I am not so experienced with networking in Linux. I've successfully installed Red Hat Linux Enterprise 5.2 on a VMware host. When I issued nslookup command, it returns "connection timed out" error as follows:

Code:
[root@rac1 ~]# time nslookup rac1
;; connection timed out; no servers could be reached
real 0m15.038s
user 0m0.000s
sys 0m0.000s

My questions are:
(1) Is that error normal?
(2) Is there a way to decrease the 15.038s value? rac1 is the local hostname, so why does it take all that time to resolve it?

Following info may help:
Code:
[root@rac1 ~]# hostname
rac1.mydomain.com
[root@rac1 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
#eth0 - PUBLIC
192.0.2.100 rac1.mydomain.com rac1

[root@rac1 ~]# ping -c 4 rac1
PING rac1.mydomain.com (192.0.2.100) 56(84) bytes of data.
64 bytes from rac1.mydomain.com (192.0.2.100): icmp_seq=1 ttl=64 time=0.015 ms
64 bytes from rac1.mydomain.com (192.0.2.100): icmp_seq=2 ttl=64 time=0.029 ms
64 bytes from rac1.mydomain.com (192.0.2.100): icmp_seq=3 ttl=64 time=0.029 ms
64 bytes from rac1.mydomain.com (192.0.2.100): icmp_seq=4 ttl=64 time=0.029 ms
--- rac1.mydomain.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.015/0.025/0.029/0.007 ms


Server :: Fetchmail Error - Connection Timed Out

Apr 29, 2011

I can't fetchmail from my company server to my local PC. It gives the error:

fetchmail: WARNING: Running as root is discouraged.
fetchmail: starting fetchmail 6.3.6 daemon
fetchmail: connection to 202.137.236.11:pop3 [202.137.236.11/110] failed: Connection timed out.
fetchmail: POP3 connection to 202.137.236.11 failed: Connection timed out
fetchmail: Query status=2 (SOCKET)
fetchmail: connection to gmail.com:pop3 [74.125.236.56/110] failed: Connection timed out.

I am trying to connect but it can't.


Red Hat :: Error Connection Timed Out Between Solaris Machine?

Apr 18, 2011

I am facing a mount problem with a connection timed out error between a Linux and a Solaris machine.

When I run the mount command:
root@rose> mount 10.142.201.104:/view/itb_configuration_712/vobs/ims_it /view/itb_configuration_712/vobs/ims_it/

[code]...


Ubuntu Networking :: Cannot Connect To Websites - Connection Timed Out

Jul 13, 2010

I am relatively new to Ubuntu. Currently running Lucid Lynx, but I cannot connect to the internet. I can ping 127.0.0.1, and google.com. Software update works as well, but the connection times out when I try connecting to a web site e.g. bbc.uk.


Red Hat / Fedora :: Postgresql Giving Connection Timed Out Because Of Iptables?

Jul 14, 2011

In our development box we have configured postgresql to work with Jboss. The thing is, we have the iptables firewall on our Linux box. When iptables is stopped, we can connect to the postgres db locally using the -h option, and we can also connect through a web link we have created using Jboss. But when iptables is started, we can't connect to the db locally using the -h option, and the web is giving the below error.

Caused by: org.postgresql.util.PSQLException: Connection refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
at org.postgresql.core.v3.ConnectionFactoryImpl.openC

[code]....


Software :: Connection Timed Out For Sending Mail With Evolution?

Jan 5, 2010

I am having a lot of trouble setting up Evolution to work with Gmail. I am using POP for receiving mail and it's slow but still works. When I try to send mail with smtp.gmail.com I get the error message that the connection timed out. How can I set this up to send and receive email?


CentOS 5 Server :: DNS : Connection Timed Out; No Servers Could Be Reached?

Mar 28, 2011

I have 2 different networks: the first one is the gateway machine (eth0), and the second is a private machine (eth1). So, I've configured the iptables and forwarding stuff and when I try to ping [url]..... on the gateway machine, it works, while it doesn't work on the private network. Note: I am using VmWare 7, CentOS 5.

I could say that the problem is in DNS, because when I use this command on the private network machine: [url]...., it says connection timed out; no servers could be reached, while on the public one, it works properly.....


Fedora :: Installing Autoten - Transfer Failed (Connection Timed Out)

Dec 12, 2010

I've been trying since yesterday to install autoten per instructions below [URL]. However it has failed each time I have tried. Below is the terminal response.

Code:
[colyn@Fedora ~]$ su
Password:
[root@Fedora colyn]# rpm -Uvh [URL]
Retrieving [URL]
curl: (6) Could not resolve host: dnmouse.org; Connection timed out
error: skipping [URL] - transfer failed
[root@Fedora colyn]#

I am doing a copy/paste so I am not mis-typing the information. It says that the connection has timed out but I get the error message within 5 seconds of hitting enter.


Ubuntu Multimedia :: Could Not Connect To Packages.medibuntu.org:80 (88.191.82.11), Connection Timed Out

Apr 21, 2010

I get the below errors when trying to connect to the below repos. It has almost always worked in the past. Is the site "packages.medibuntu.org" down again!?

Err http://packages.medibuntu.org karmic Release.gpg
Could not connect to packages.medibuntu.org:80 (88.191.82.11), connection timed out
Err http://packages.medibuntu.org karmic/free Translation-en_CA

[code]....


Ubuntu :: Ssh: Connect To Host XXXX Port 22: Connection Timed Out

Jul 4, 2010

I have been playing with this for awhile now and I am ready to go postal.

I just want to move some files around and potentially rsync my net book with my desktop as well as learn the software (my primary reason)

Steps Taken.
Set Static IP address to machines on LAN
Turned on Port Forwarding (22)
Added Rule to UFW allow 22/TCP


Ubuntu Servers :: Escape From Wget/Connection Timed Out/Retrying

Sep 26, 2010

I know that wget will give up after 20 failed connection attempts, but is there any way I can escape without waiting?


General :: Configure Gmail For Sending Email - Connection Timed Out

Jun 23, 2010

I have a problem sending emails in the command line. I have introduced this command:

sendEmail -f my.account@gmail.com -t myself@domain.tld
-u this is the test tile -m "this is a test message"
-s smtp.gmail.com
-o tls=yes
-xu usernameonly -xp mypasswd

But then I received this message:
sendEmail[13230]: ERROR => Connection attempt to smtp.gmail.com:25 failed: IO::Socket::INET: connect: Connection timed out


General :: Connection Timed Out While Connecting Through Securecrt To Remote Server?

Feb 13, 2011

I am not able to connect to the remote server through SecureCRT. My local team has said that the server is working fine, but I am not able to connect to it remotely. What more can I do to connect to the server?


General :: Host Webserver: Connection Timed Out - No Servers Could Be Reached

Feb 17, 2011

I have standalone Suse 10 SP3 that when I run

Code:
# hostname webserver

but when I run host command

Code:
# host webserver
;; connection timed out; no servers could be reached

I would like to get the IP when I issue

[Code]....


Server :: Cannot Send Outbound Mails Connection Timed Out (port 25)?

Feb 4, 2011

I've been pounding my head on this issue. I've set up a new postfix server on rhel5. After editing the needed entries, I can't seem to send any outbound mails to yahoo or any other domains. My postconf -n is as follows:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin

[code]...


Ubuntu Networking :: Unable To Connect To Remote Host - Connection Timed Out

Dec 13, 2010

I did a clean install of the latest version of Ubuntu. For some reason, there are still internet-issues. When I tried out the following command

Code:
telnet
open ftp.microsoft.com 21
I got
Code:
telnet: Unable to connect to remote host: Connection timed out

Also, during install of the new ubuntu, it was unable to reach the repos for downloading. Odd thing is that I can go online, and that when I type 'ftp.microsoft.com' in my browser, it displays the file-hierarchy.








Copyrights 2005-15 www.BigResource.com, All rights reserved