环境:虚拟机 ubuntu16.041.
# sudo apt-get update && sudo apt-get install g++ gcc
# apt-get install make
# apt-get install flex bison
2.Libevent:
# cd /
# wget http://www.monkey.org/~provos/libevent-1.4.14b-stable.tar.gz
# tar -zxvf libevent-1.4.14b-stable.tar.gz
# cd libevent-1.4.14b-stable
# ./configure
# make
# make install
3.Libdnet:
# cd /
# wget https://nchc.dl.sourceforge.net/project/libdnet/libdnet/libdnet-1.11/libdnet-1.11.tar.gz
# cd libdnet-1.11
# ./configure
# make
# make install
4.Libpcap:
# cd /
# wget http://www.tcpdump.org/release/libpcap-1.5.2.tar.gz
# tar -zxvf libpcap-1.5.2.tar.gz
# cd libpcap-1.5.2
# ./configure
# make
# make install5.arpd:
# cd /
# wget http://www.citi.umich.edu/u/provos/honeyd/arpd-0.2.tar.gz
# tar -zxvf arpd-0.2.tar.gz
# cd arpd
(下边编译过程会报错,注意看解决方法)
# ./configure
# make
# make install报错
解决:
# cd /arpd
# vi arpd.c
添加: #define __FUNCTION__ ""
6.Honeyd
# cd /
# wget http://www.honeyd.org/uploads/honeyd-1.5c.tar.gz
# tar -zxvf honeyd-1.5c.tar.gz
# cd honeyd-1.5c
(提前安装配置,避免编译报错)
# apt-get install libreadline-dev
# apt-get install zlib1g-dev
# ln -s /lib/x86_64-linux-gnu/libc.so.6 /usr/lib/libc.so
# cp /usr/local/lib/libdnet.1 /usr/lib
# ldconfig
# ./configure
# make
# make install蜜罐虚拟出一个主机
1.
# /usr/local/sbin/arpd 192.168.3.233
这个时候如果是虚拟机会报错:
arpd: pcap_lookupdev: no suitable device found
所以指令:
# ifconfig(查看网卡名字)
# /usr/local/sbin/arpd -i ens33 192.168.3.233
编辑honeyd的配置文件
# vi /honey.conf
create default
set default default tcp action filtered
set default default udp action filtered
set default default icmp action filtered
create linux
set linux personality "Linux 2.4.20"
set linux ethernet "Dell"
add linux tcp port 22 open
bind 192.168.3.233 linux启动honeyD
# honeyd -d -f honey.conf -i ens33 192.168.3.233用局域网下的另外一台主机来ping192.168.3.233(我们虚拟出来的主机)
结果如下图: