Alkasis Honeyd Perl Script Setup
Since version 2.0, Patriotbox has supported the use of Honeyd scripts. This article explains how to set up your Patriotbox server to use the Perl Honeyd scripts.
First you need to download ActiveState's version of Perl from the following location: http://www.activestate.com/Products/ActivePerl/
Next, install the Perl Package.




Make sure the Path Environment Variable is checked.

Installation is now complete.
Since we are dealing only with Perl Honeyd scripts here, download a Perl script from the Honeyd web site. For this guide we are using Pop3.pl which can be downloaded here
Launch the Patriotbox Interface

Right Click in the Services area (white space where all of the services are listed) and add Script Service.

You will now see a new Script Service with a Port # of 0

Right Click on the new Script Service you created and select Properties.

You will now see the Configuration window for this service.

Port: This is the port the script will listen on. For our example we are using pop3.pl, which simulates a POP3 server, so we need to use TCP port 110.
Command: This is the full path to the Perl script, followed by -l ./ at the end. It should look like this:

Connection Limits: This is the number of connection attempts before we set off an alarm (like an email alert).
Script Style: When using the honeyd scripts, you will need to change this to say either honeyd with stderr or honeyd with log file. For our example we will be using honeyd with log file.
To figure out which version to use you will need to open up the script and find out which is supported.
Log File Name: The name you want the log file to have. For our example we will use "logfile".
RegEx Patterns for Honeyd script style: These are Regular Expressions that Patriotbox looks for when the script is running to classify the level.
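For the Script Style step above, one way to get a first indication of which style a script supports before reading it in full. This is an added example, not code from Alkasis or the Honeyd project; the patterns it searches for are assumptions about how such scripts usually log, and the embedded sample script text is constructed.

```perl
#!/usr/bin/perl
# Added example (not from Alkasis or the Honeyd project): heuristic scan of a
# Honeyd Perl script to suggest which Patriotbox "Script Style" fits it.
use strict;
use warnings;

# Constructed sample script text, used only when no path is given.
my $sample = <<'END_SAMPLE';
use Getopt::Std;
my %opt;
getopts('l:', \%opt);                  # -l <dir>: where to write the log
open(LOG, ">>$opt{l}/logfile") or die "no log: $!";
print LOG "USER command received\n";
# print STDERR "debug\n";              # commented out, must not count
END_SAMPLE

# Return line numbers that write to STDERR or open a file for writing.
sub scan_script {
    my ($text) = @_;
    my %hits = ('honeyd with stderr' => [], 'honeyd with log file' => []);
    my $n = 0;
    for my $line (split /\r?\n/, $text) {
        $n++;
        next if $line =~ /^\s*#/;      # whole-line comment
        $line =~ s/\s#.*$//;           # trailing comment (rough heuristic)
        push @{ $hits{'honeyd with stderr'} }, $n
            if $line =~ /\bprintf?\s+STDERR\b/ || $line =~ /\bwarn\b/;
        push @{ $hits{'honeyd with log file'} }, $n
            if $line =~ /\bopen\b[^;]*["']\s*>{1,2}/          # open for write/append
            || $line =~ /\bgetopts?\s*\(\s*["'][^"']*l:/;     # accepts -l <value>
    }
    return \%hits;
}

my $text = $sample;
if (@ARGV) {
    open(my $fh, '<', $ARGV[0]) or die "cannot read $ARGV[0]: $!\n";
    local $/;                          # slurp the whole file
    $text = <$fh>;
    close $fh;
}

my $hits = scan_script($text);
for my $style (sort keys %$hits) {
    my $lines = join(', ', @{ $hits->{$style} }) || 'none';
    print "$style: evidence on line(s) $lines\n";
}
```

Run it with the path to the downloaded script as the only argument, then read the reported lines to confirm the result before choosing the Script Style.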
The screenshot below is the final configuration for our pop3.pl script.

Click ok to save the configuration.
Now right click to enable this service. It should turn green, to let you know that it is now listening on the port you specified.

Honeyd script support is currently experimental. If you have any questions, feel free to send an email to support@alkasis.com