Skip navigation
Menu
Security

Honeyd Configuration Steps

You can install and configure Honeyd in just a few hours if you know the right steps. Here are those steps:

  1. Set up a hardened (i.e., fully patched) Windows box.


  2. The Honeyd installation requires a packet-level driver, so download and install WinPcap 3.0 from http://winpcap.polito.it, then reboot.


  3. Download Honeyd for Windows in compiled (or source code) form from http://www.securityprofiling.com. Unzip the compiled executable package and extract the files and directories. Honeyd will create its own directory and subdirectories. Rename the honeyd-0.5 folder to honeyd for easier command-prompt handling and scripting.


  4. Go to the command prompt and access the honeyd directory.


  5. Type the command 
    honeyd -W
    to test that Honeyd is functioning and can identify your network interfaces. If Honeyd errors out, troubleshoot the previous steps.


  6. Configure your routing infrastructure so that the appropriate network traffic gets passed to the honeypot machine.


  7. Download additional advanced scripts from http://niels.xtdnet.nl/honeyd/contrib.html. Unzip the scripts and place them in the Honeyd scripts folder.


  8. Download and install Cygwin and the accompanying shell script engine (sh.exe) and Perl script engine (perl.exe) from http://www.cygwin.com. Add the Cygwin binaries path to your system's PATH variable (e.g., C:\cygwin\bin). Alternatively, download and install the Perl script engine from http://www.activestate.com. Add the Perl binary directory (e.g., C:\perl\bin) to your system's PATH variable.


  9. Test scripts and script engines at the command prompt.


  10. Read the accompanying honeyd.html file for executable and configuration file syntax.


  11. Decide how you want to monitor the honeypot. This decision leads directly to how you'll handle alerts and logging.


  12. Create and configure your Honeyd configuration file. Specifically, you need to perform the following tasks:


  • Define your templates (create the template, annotate the personality, bind the personality to template, and bind the IP addresses to the personality).
  • Define TCP and UDP ports.
  • Define emulation scripts.
  • Configure the physical network so that the honeypot gets intended traffic.
  • Execute Honeyd.
    • >
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
DevSecOps concept
90% of Java Services in Production Have Vulnerability Risk, DevSecOps Report Finds
Apr 20, 2024
Businesswoman challenges concept and gender obstacles
Women in Cybersecurity Face Barriers to Hiring, Advancement
Apr 15, 2024
person typing on keyboard with icons for certificates
Top IT Certifications for a Career in Finance
Apr 12, 2024
employee working on a laptop with AI
Why AI Coding Assistants May Be Greatest Cybersecurity Threat Facing Your Business
Mar 26, 2024