
Virtual honeypot Honeyd installation and deployment

2022-06-25 04:47:00 hercu1iz

CentOS: deployment succeeded (the test failed with a segmentation fault)

Official website: http://www.honeyd.org/ (software + dependencies)
Reference: https://www.jianshu.com/p/9fc03166beac

Environment: CentOS 7 x86
Dependency package and honeyd versions
Download all package resources: https://download.csdn.net/download/weixin_44309300/80840858

Compile and install each dependency package separately (the procedure is similar for each):

tar -zxf libevent-1.1b-stable.tar.gz
cd  libevent-1.1b-stable/
./configure --prefix=/usr				# --prefix=/usr sets the installation directory; the parameter is optional
make
make install

Problems encountered when installing arpd

~/arpd$ sudo ./configure

Running sudo make directly after that fails with the errors shown below:

~/arpd$ sudo make
arpd.c: In function ‘arpd_send’:
arpd.c:268:34: error: expected ‘)’ before string constant
   syslog(LOG_DEBUG, __FUNCTION__ ": who-has %s tell %s",
                                  ^~~~~~~~~~~~~~~~~~~~~~
arpd.c: In function ‘arpd_lookup’:
arpd.c:285:34: error: expected ‘)’ before string constant
   syslog(LOG_DEBUG, __FUNCTION__ ": %s at %s",
                                  ^~~~~~~~~~~~
arpd.c:294:34: error: expected ‘)’ before string constant
   syslog(LOG_DEBUG, __FUNCTION__ ": no entry for %s",
                                  ^~~~~~~~~~~~~~~~~~~
arpd.c:297:34: error: expected ‘)’ before string constant
   syslog(LOG_DEBUG, __FUNCTION__ ": %s at %s",
                                  ^~~~~~~~~~~~
arpd.c: In function ‘arpd_recv_cb’:
arpd.c:426:35: error: expected ‘)’ before string constant
    syslog(LOG_DEBUG, __FUNCTION__ ": %s at %s",
                                   ^~~~~~~~~~~~
Makefile:195: recipe for target 'arpd.o' failed
make: *** [arpd.o] Error 1

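Solution:

Modern GCC treats __FUNCTION__ as a variable rather than a string literal, so it can no longer be concatenated with the adjacent format string. Add the following to arpd.c (the function name then no longer appears in these debug messages):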

#define __FUNCTION__ ""
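
An alternative that keeps the function name in the debug output is to pass it as a %s argument using the standard __func__ identifier. The script below is an added example, not part of the original post or of arpd; it assumes every use has the one-line form seen in the errors above, and the sample source lines (including their arguments) are constructed.

```sh
#!/bin/sh
# Added example (not from arpd or the original post).
# Rewrites   syslog(LOG_DEBUG, __FUNCTION__ ": text",
# into       syslog(LOG_DEBUG, "%s: text", __func__,
# Assumption: the format string opens and closes on the same line and is
# followed by a comma, as in all five errors reported above.
fix_function_macro() {
    # stdin: C source, stdout: patched C source
    sed 's/__FUNCTION__[[:space:]]*"\([^"]*\)",/"%s\1", __func__,/'
}

# Number of lines that still use __FUNCTION__ (these need a manual fix).
remaining_uses() {
    grep -c '__FUNCTION__' || true
}

# Constructed sample: two of the failing statements; the argument lines are
# hypothetical and only make the statements complete.
sample_src() {
    cat <<'EOF'
	syslog(LOG_DEBUG, __FUNCTION__ ": who-has %s tell %s",
	    addr_ntoa(tha), addr_ntoa(spa));
	syslog(LOG_DEBUG, __FUNCTION__ ": no entry for %s",
	    addr_ntoa(addr));
EOF
}

sample_src | fix_function_macro
echo "unpatched lines: $(sample_src | fix_function_macro | remaining_uses)"
# Real use (after checking the output): fix_function_macro < arpd.c > arpd.c.new
```
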

Problems encountered when running make for honeyd

honeydstats-analyze.o: In function `analyze_init':
/root/Desktop/honey1.5/honeyd-1.5c/analyze.c:285: undefined reference to `evdns_init'
honeydstats-analyze.o: In function `analyze_country_enter':
/root/Desktop/honey1.5/honeyd-1.5c/analyze.c:436: undefined reference to `evdns_resolve_reverse'

Comment out the following two lines of analyze.c (but this may lead to a segmentation fault later):

Line 436: //evdns_resolve_reverse
Line 285: //evdns_init();

2. honeyd: interface_new: intf_get: No such device
Solution: use the -i parameter to specify the ens33 network interface

3. ./configure

configure: error: need either libedit or libreadline; install one of them

Solution: yum install libedit.i686 libedit-devel.i686

yum install -y readline readline-devel

4. sudo ./configure

configure: error: dnet-config not found

Solution: yum install libdnet-devel

5. A new problem appears: configure: error: zlib is missing - you need to install it

Solution: yum install zlib-devel

6. make reports errors

dhcpclient.c:475:28: error: lvalue required as left operand of assignment
  eth = (struct eth_hdr *)p = buf;
                            ^
dhcpclient.c: In function ‘_unicast’:
dhcpclient.c:527:28: error: lvalue required as left operand of assignment
  eth = (struct eth_hdr *)p = buf;

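Solution: modify the code (this succeeded, but as for the error message above, after reading the surrounding source code I still don't know why the error occurred!!)

 p = buf;                      /* the original statement also assigned buf to p; keep that */
 eth = (struct eth_hdr *)p;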

7. fatal error: Python.h: No such file or directory

Solution:

sudo yum install python-devel    # for python2.x installs
sudo yum install python3-devel   # for python3.x installs

Problem when using arpd

ioctl(SIOCGIFINDEX) failed: No such device

Solution (replace the software or install another version):

https://github.com/quinot/choparp

xprobe2.conf

This file is in the honeyd directory; copy it directly with cp.

CentOS test

[honeyd-1.5c]# arpd 192.168.163.222
[honeyd-1.5c]# ./honeyd -d -i ens33 -f /usr/local/share/honeyd/first_task.conf 192.168.163.222

Segmentation fault:
(for a possible cause, see https://github.com/sefcom/honeyplc/issues/2)

honeyd: interface_new: intf_get: No such device

Solution: use the -i parameter to specify ens33

References (reading them from top to bottom is the most efficient):

https://www.jianshu.com/p/9fc03166beac

https://blog.csdn.net/weixin_43901998/article/details/100604281

https://manpages.org/honeyd/8 (examples from the manual page)

https://blog.51cto.com/297020555/538183 (CentOS 5.5)

https://cloud.tencent.com/developer/article/1019325

Ubuntu deployment (deployment and test both successful)

I.

Environment:

ubuntu20.04LTS

honeyd-1.5c.tar.gz

Dependency packages:

libevent-1.4.14b-stable.tar.gz
libdnet-1.11.tar.gz
libpcap-1.1.1.tar.gz
arpd-0.2.tar.gz

Download link for all packages: https://download.csdn.net/download/weixin_44309300/80840581

II. Installation steps (the process is the same for each package)

  • libevent-1.4.14b-stable.tar.gz
tar -zxf libevent-1.4.14b-stable.tar.gz
cd  libevent-1.4.14b-stable/
./configure --prefix=/usr
make
sudo make install		# sudo is required here
  • libdnet-1.11.tar.gz
tar -zxvf libdnet-1.11.tar.gz 
cd libdnet-1.11/
./configure
make
sudo make install
  • libpcap-1.1.1.tar.gz
tar -zxvf libpcap-1.1.1.tar.gz
cd libpcap-1.1.1/
./configure
make
sudo make install

Fixing errors:
sudo apt-get install flex
sudo apt-get install byacc

In pcap-linux.c, on line 1555, change SIOCGSTAMP to SIOCGIWAP

  • arpd-0.2.tar.gz
tar -zxvf arpd-0.2.tar.gz 
cd arpd-0.2/
./configure
make
sudo make install

Resolving arpd runtime errors:

1. arpd startup problem

~/Desktop/hontydtool$ arpd 192.168.163.200
arpd: error while loading shared libraries: libevent-1.4.so.2: cannot open shared object file: No such file or directory
~/Desktop/hontydtool$ locate libevent-1.4.so.2

Solution (add a library search path for the dynamic loader; entries under /etc/ld.so.conf.d are directories, so list the directory that contains libevent-1.4.so.2):
# cd /etc/ld.so.conf.d
# echo "/home/chao/Desktop/hontydtool/libevent-1.4.14b-stable/.libs" >> libpcap.conf

# sudo /sbin/ldconfig	(refresh the loader cache so the change takes effect)

After this succeeds, running arpd again may report: arpd: pcap_lookupdev: no suitable device found. This is caused by insufficient permissions; just run it with sudo:
# sudo arpd
  • honeyd-1.5c.tar.gz
tar -zxvf honeyd-1.5c.tar.gz
cd honeyd-1.5c/
./configure
make
sudo make install

Problems and solutions:

1.
Error: Couldn't figure out how to access libc
Solution:
# locate libc.so    (find its path, then:)
# sudo ln -s /lib/x86_64-linux-gnu/libc.so.6   /usr/lib/libc.so

2.
Error: need either libedit or libreadline; install one of them
Solution: apt-get install libedit-dev

3.
honeyd: error while loading shared libraries: libdnet.1: cannot open shared object file: No such file or directory
This is because the shared library file is under /usr/local/lib, while by default the dynamic loader only searches /usr/lib.
Simply copy the libdnet.1 that honeyd needs into /usr/lib; by default libdnet.1 is in the /usr/local/lib directory.
Run:
# sudo cp /usr/local/lib/libdnet.1 /usr/lib
# sudo ldconfig

After the installation is complete, running sudo honeyd successfully prints the following:

~/Desktop/hontydtool/honeyd-1.5c$ sudo honeyd
Honeyd V1.5c Copyright (c) 2002-2007 Niels Provos
honeyd[92722]: started with 
Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0"
Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3"
honeyd[92722]: listening promiscuously on ens33: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip )) and not ether src 00:0c:29:8b:10:59
Honeyd starting as background process

Ubuntu test

[honeyd-1.5c]# arpd 192.168.163.222
[honeyd-1.5c]# ./honeyd -d -i ens33 -f /usr/local/share/honeyd/first_task.conf 192.168.163.222

The configuration file (sudo vim /usr/local/share/honeyd/first_task.conf):

create windows  # Create a template named windows; the name can be chosen freely
set windows personality "Microsoft Windows NT 4.0 SP6a"  # Assign a fingerprint (personality) to this template
set windows default tcp action reset  # By default, TCP ports answer with reset
add windows tcp port 80 open  # Open TCP port 80
bind 192.168.163.222 windows  # Bind an IP address to the virtual host (the same address that is passed to arpd and honeyd)

# Version without comments
create windows
set windows personality "Microsoft Windows NT 4.0 SP6a"
set windows default tcp action reset
add windows tcp port 80 open
bind 192.168.163.222 windows

Successful test result:
(ping 192.168.163.222 from another host on the same LAN)

~/Desktop/hontydtool/honeyd-1.5c$ sudo honeyd -d -i ens33 -f /usr/local/share/honeyd/first_task.conf 192.168.163.222
Honeyd V1.5c Copyright (c) 2002-2007 Niels Provos
honeyd[92478]: started with -d -i ens33 -f /usr/local/share/honeyd/first_task.conf 192.168.163.222
Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0"
Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3"
honeyd[92478]: listening promiscuously on ens33: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.163.222))) and not ether src 00:0c:29:8b:10:59
honeyd[92478]: Demoting process privileges to uid 65534, gid 65534
honeyd[92478]: Sending ICMP Echo Reply: 192.168.163.222 -> 192.168.163.55
honeyd[92478]: Sending ICMP Echo Reply: 192.168.163.222 -> 192.168.163.55
honeyd[92478]: Sending ICMP Echo Reply: 192.168.163.222 -> 192.168.163.55
honeyd[92478]: Sending ICMP Echo Reply: 192.168.163.222 -> 192.168.163.55
honeyd[92478]: Sending ICMP Echo Reply: 192.168.163.222 -> 192.168.163.55
honeyd[92478]: Sending ICMP Echo Reply: 192.168.163.222 -> 192.168.163.55
honeyd[92478]: Sending ICMP Echo Reply: 192.168.163.222 -> 192.168.163.55
honeyd[92478]: Sending ICMP Echo Reply: 192.168.163.222 -> 192.168.163.55
^Choneyd[92478]: exiting on signal 2
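
Unless a default template exists, honeyd answers only for addresses that a template is bound to, so the address in the bind line has to be the one given to arpd and to honeyd on the command line. The check below is an added example, not part of the original post or of honeyd; check_bind and make_sample_conf are hypothetical helper names and the sample configuration is constructed from the directives shown above.

```sh
#!/bin/sh
# Added example, not from the original post.
# check_bind CONF IP: succeed only if CONF contains "bind IP <template>" and
# that template was declared with "create <template>".
check_bind() {
    awk -v ip="$2" '
        { sub(/#.*/, "") }                     # strip trailing comments
        $1 == "create" { created[$2] = 1 }
        $1 == "bind" && $2 == ip { tmpl = $3 }
        END {
            if (tmpl == "") { print "no bind line for " ip; exit 1 }
            if (!(tmpl in created)) { print "template " tmpl " was never created"; exit 2 }
            print ip " is bound to template " tmpl
        }' "$1"
}

# Constructed sample configuration (same directives as first_task.conf above).
make_sample_conf() {
    conf=$(mktemp)
    cat > "$conf" <<'EOF'
create windows
set windows personality "Microsoft Windows NT 4.0 SP6a"
set windows default tcp action reset
add windows tcp port 80 open
bind 192.168.163.222 windows  # address also passed to arpd and honeyd
EOF
    printf '%s\n' "$conf"
}

conf=$(make_sample_conf)
check_bind "$conf" 192.168.163.222            # bound: exit status 0
check_bind "$conf" 192.168.70.222 || echo "mismatch detected (exit $?)"
rm -f "$conf"
```

Running the check against the real configuration file with the address intended for arpd and honeyd catches a mismatch before the honeypot is started.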

Configuring log files, etc.

mkdir /var/log/honeyd
touch /var/log/honeyd/honeyd.log
touch /var/log/honeyd/service.log
chown nobody:nogroup /var/log/honeyd/*.log
ll /var/log/honeyd/
./honeyd -d -l /var/log/honeyd/honeyd.log -s /var/log/honeyd/service.log --fix-webserver-permissions 192.168.0.5

Copyright notice
This article was written by [hercu1iz]; please include a link to the original when reposting. Thank you.
https://yzsam.com/2022/02/202202210533538933.html