179013 – net-analyzer/honeytrap - a network security tool observe attacks against network services

Bug 179013 - net-analyzer/honeytrap - a network security tool observe attacks against network services

Summary: net-analyzer/honeytrap - a network security tool observe attacks against netw...

Status:	CONFIRMED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Default Assignee for New Packages

URL:	http://sourceforge.net/projects/honey...
Whiteboard:
Keywords:	EBUILD, REVIEWED

Depends on:
Blocks:

Reported:	2007-05-18 15:07 UTC by Jukka Ruohonen
Modified:	2016-06-08 16:06 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
honeytrap-0.6.4 (honeytrap-0.6.4.ebuild,2.97 KB, text/plain) 2007-05-18 15:09 UTC, Jukka Ruohonen	Details
honeytrap.conf (honeytrap.conf,1.97 KB, text/plain) 2007-05-18 15:10 UTC, Jukka Ruohonen	Details
confd (honeytrap.confd,614 bytes, text/plain) 2007-05-18 15:10 UTC, Jukka Ruohonen	Details
initd (honeytrap.initd,709 bytes, text/plain) 2007-05-18 15:11 UTC, Jukka Ruohonen	Details
honeytrap-0.6.4.ebuild (honeytrap-0.6.4.ebuild,2.97 KB, text/plain) 2007-05-18 15:18 UTC, Jukka Ruohonen	Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jukka Ruohonen 2007-05-18 15:07:54 UTC

Honeytrap is a network security tool written to observe attacks against network services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The unique mirroring feature makes this honeypot-tool a nice addition to the rather limited list of similar software provided by Gentoo.

This is a rather ready ebuild. Basic init and conf.d scripts are included. I also modified the shipped default configuration file to suit better Gentoo's defaults. 

Currently there is no option to disable plugins in the autotools build process. This is probaby included in the next release.[1] In my opinion the best option for these .so-plugins is to put them into /usr/src/honeytrap_dynamicsrc - as is done in the Snort-ebuilds.

Thank you,

Jukka Ruohonen.

---

[1] http://svn.mwcollect.org/changeset/1249

Comment 1 Jukka Ruohonen 2007-05-18 15:09:23 UTC

Created attachment 119598 [details]
honeytrap-0.6.4

Comment 2 Jukka Ruohonen 2007-05-18 15:10:05 UTC

Created attachment 119600 [details]
honeytrap.conf

Comment 3 Jukka Ruohonen 2007-05-18 15:10:54 UTC

Created attachment 119601 [details]
confd

Comment 4 Jukka Ruohonen 2007-05-18 15:11:10 UTC

Created attachment 119602 [details]
initd

Comment 5 Jukka Ruohonen 2007-05-18 15:18:57 UTC

Created attachment 119604 [details]
honeytrap-0.6.4.ebuild

(one type corrected in the ebuild.)

Comment 6 Jukka Ruohonen 2007-05-18 19:27:51 UTC

A stable amd64 keyword was left to the submitted ebuild by accident: naturally, if someone is going to deal with this, she or he will modify it to testing.

Comment 7 Markus Ullmann (RETIRED) gentoo-dev

2007-06-06 07:46:53 UTC

Added it to sunrise as net-analyzer/honeytrap with some minor modifications

keep up the good work :)

Comment 8 Michał Górny archtester

2016-06-08 16:06:02 UTC

It seems that this package is no longer in Sunrise.