3 comments on “Building a Honeynet on Linux: Network Infrastructure

  1. A diagram or 2 would assist my small brain in understanding how things are connected from whatever your terminate your public IP onto.

    Do you use ebtables or similar to add any additional protection / security for the honeywall host ?

    • Hi Dan,

      I know — I was thinking as I was writing it, that I really ought to include a diagram to show the network topology. However, I don’t yet know how to do this on Linux. I hope to find out one day and then revisit this post and add a diagram.

      The honeywall host is an installation of the Honeynet Project’s Honeywall CDROM. It isn’t using ebtables (bridge firewall).
      The two interfaces through which Internet traffic passes do not have an IP address on them.
      The management interface has a private IP address on it which cannot be routed over the Internet.
      iptables is used to restrict access to the management interface and to other hosts.
      This will be discussed in more detail in the post describing the Honeywall virtual machine. I’ll get there eventually!

      I hope that this has answered your questions.


  2. Pingback: Building a Honeynet on Linux: Introduction | Malware Musings

Leave a Reply