Old 08-18-2009, 07:35 AM   #1
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Rep: Reputation: 15
Problems about install Nepenthes on Ubuntu


Hi everyone,
I am trying to install nepenthes on Ubuntu-8.0. After following every step on its site, when I run it I get the following error:

[ crit mgr ] Compiled without support for capabilities, no way to run capabilities

I do not know when this happens and how to solve it. I hope someone could help me.
What's more, I searched the Internet and found someone who said I should install libcap. However, when I install libcap-1.10 on Ubuntu, I have problems too:

glg:~/build/cdrkit/libcap-1.10.orig$ make
make -C libcap CC='gcc' CFLAGS='-Dlinux -ansi -D_POSIX_SOURCE -Wall -Wwrite-strings -Wpointer-arith -Wcast-qual -Wcast-align -Wtraditional -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wshadow -pedantic -g -I/home/mingdao/build/cdrkit/libcap-1.10.orig/libcap/include' LD='ld' LIBS='-L/home/mingdao/build/cdrkit/libcap-1.10.orig/libcap -lcap' LDFLAGS='-s ' VERSION='1' MINOR='10' LIBDIR='/lib' INCDIR='/usr/include' SBINDIR='/sbin' MANDIR='/usr/man' all
make[1]: Entering directory `/home/glg/build/cdrkit/libcap-1.10.orig/libcap'
gcc -Dlinux -ansi -D_POSIX_SOURCE -Wall -Wwrite-strings -Wpointer-arith -Wcast-qual -Wcast-align -Wtraditional -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wshadow -pedantic -g -I/home/mingdao/build/cdrkit/libcap-1.10.orig/libcap/include -c cap_sys.c -o cap_sys.o
In file included from cap_sys.c:10:
libcap.h:57:3: warning: suggest hiding #error from traditional C with an indented #
libcap.h:58:3: warning: suggest hiding #error from traditional C with an indented #
libcap.h:101:25: warning: ISO C does not permit named variadic macros
cap_sys.c:14: error: expected XXX specifiers or ‘...’ before ‘capget’
cap_sys.c:15: error: expected XXX specifiers or ‘...’ before ‘header’
cap_sys.c:16: error: expected XXX specifiers or ‘...’ before ‘data’
cap_sys.c:18: warning: return type defaults to ‘int’
cap_sys.c:18: warning: no previous prototype for ‘_syscall2’
cap_sys.c: In function ‘_syscall2’:
cap_sys.c:18: error: expected declaration specifiers before ‘_syscall2’
cap_sys.c:20: warning: traditional C rejects ISO C style function definitions
cap_sys.c:14: error: parameter name omitted
cap_sys.c:15: error: parameter name omitted
cap_sys.c:16: error: parameter name omitted
make[1]: *** [cap_sys.o] Error 1
make[1]: Leaving directory `/home/mingdao/build/cdrkit/libcap-1.10.orig/libcap'
make: *** [all] Error 2


I hope someone could help me. I appreciate your help in advance.
Thanks.
glg
 
Old 08-18-2009, 12:48 PM   #2
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen, DK
Distribution: pclos2013.07, Slack14.1 DebWheezy, +50+ other Linux OS, for test only.
Posts: 13,192

Rep: Reputation: 2372
Welcome to LQ.

Ubuntu 8.04 → → 8 = 2008 , 04 = april.
There is no Ubuntu 8.0.

Why aren't you installing 'nepenthes' with the Package Manager ?
Please look for 'Synaptic' in the Menu's.
Or use the command : sudo apt-get install nepenthes

If you really want to compile nepenthes :
sudo apt-get install libpcap-dev libpcap0.8-dev
... which are the "pcap" packages required for development.

But you may also need ' -dev ' versions of all the other files,
nepenthes is depending on :
http://packages.ubuntu.com/hardy/net/nepenthes
.....

Last edited by knudfl; 08-18-2009 at 12:50 PM.
 
Old 08-18-2009, 08:43 PM   #3
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by knudfl View Post
Welcome to LQ.

Ubuntu 8.04 → → 8 = 2008 , 04 = april.
There is no Ubuntu 8.0.

Why aren't you installing 'nepenthes' with the Package Manager ?
Please look for 'Synaptic' in the Menu's.
Or use the command : sudo apt-get install nepenthes

If you really want to compile nepenthes :
sudo apt-get install libpcap-dev libpcap0.8-dev
... which are the "pcap" packages required for development.

But you may also need ' -dev ' versions of all the other files,
nepenthes is depending on :
http://packages.ubuntu.com/hardy/net/nepenthes
.....
Thank you. And I am installing nepenthes on Ubuntu 8.04, not Ubuntu 8.0. As I am a novice, I do not quite understand what a "Package Manager" is. As I am doing a Honeynet project, I need to install nepenthes. I have installed
libpcap-dev, libpcap0.8-dev and libcap-dev, but when I run sudo /opt/nepenthes/bin/nepenthes, it still shows this:
[ crit mgr ] Compiled without support for capabilities, no way to run capabilities

I do not know why this happens. And I want to know, what is the difference between libpcap and libcap? Thank you for your precious time!
 
Old 08-18-2009, 09:36 PM   #4
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen, DK
Distribution: pclos2013.07, Slack14.1 DebWheezy, +50+ other Linux OS, for test only.
Posts: 13,192

Rep: Reputation: 2372
Package Manager :
Please have a look into 'Synaptic' yourself.
This is the Linux way for installing software :
The application holds information about the
22,000 packages with software already compiled
for your Ubuntu. A few clicks, and e.g. nepenthes
+ the dependencies are downloaded and installed.

http://packages.ubuntu.com/hardy/net/nepenthes
The Ubuntu package 'nepenthes' is configured this way,
ref. "Links for nepenthes", the file rules in the
patched source package , nepenthes-0.2.0/debian/ :
Code:
	./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \
	--prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --bindir=/usr/sbin --localstatedir=/var --sysconfdir=/etc \
	--enable-debug-logging \
	--enable-capabilities \
	--enable-pcap \
	--disable-static\
	--with-pic \
	--enable-ipq \
	--with-ipq-include=/usr/include/libipq \
        --enable-postgre \
        --with-postgre-include=/usr/include/postgresql
So maybe you can just add '--enable-capabilities' to your configure options.
( Doing './configure --help' will show all options.)
.....
.....
P.S.: libcap description : http://packages.ubuntu.com/hardy/libcap1

... and "Nepenthes Readme"
http://nepenthes.carnivore.it/documentation:readme
.....

Last edited by knudfl; 08-18-2009 at 10:15 PM.
 
Old 08-18-2009, 10:13 PM   #5
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by knudfl View Post
Please have a look into 'Synaptic' yourself.
This is the Linux way for installing software :
This application holds information about the
22,000 packages with software already compiled
for your Ubuntu. A few clicks, and e.g. nepenthes
+ the dependencies are downloaded and installed.

http://packages.ubuntu.com/hardy/net/nepenthes
'nepenthes' is configured this way,
ref. "Links for nepenthes", the file rules in the
patched source package , nepenthes-0.2.0/debian/ :
Code:
	./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \
	--prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --bindir=/usr/sbin --localstatedir=/var --sysconfdir=/etc \
	--enable-debug-logging \
	--enable-capabilities \
	--enable-pcap \
	--disable-static\
	--with-pic \
	--enable-ipq \
	--with-ipq-include=/usr/include/libipq \
        --enable-postgre \
        --with-postgre-include=/usr/include/postgresql
So maybe you can just add '--enable-capabilities' to your configure options.
.....
.....
P.S.: libcap description : http://packages.ubuntu.com/hardy/libcap1

... and "Nepenthes Readme"
http://nepenthes.carnivore.it/documentation:readme
.....
Thank you again. And I did download the nepenthes file from http://packages.ubuntu.com/hardy/net/nepenthes and installed it following http://nepenthes.carnivore.it/documentation:readme. I want to know, in which directory are the following lines that you told me about above? I cannot find them.

--enable-debug-logging \
--enable-capabilities \
--enable-pcap \
--disable-static\
--with-pic \
--enable-ipq \
--with-ipq-include=/usr/include/libipq \
--enable-postgre \
--with-postgre-include=/usr/include/postgresql

Thank you.
glg
 
Old 08-19-2009, 03:50 AM   #6
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen, DK
Distribution: pclos2013.07, Slack14.1 DebWheezy, +50+ other Linux OS, for test only.
Posts: 13,192

Rep: Reputation: 2372
And I still do not understand, why you are not using
the Ubuntu package. It seems to have the facilities,
you need.
.....

http://packages.ubuntu.com/hardy/net/nepenthes
> > "Links for nepenthes" >
[nepenthes_0.2.0.orig.tar.gz] , [nepenthes_0.2.0-2ubuntu1.diff.gz]
... you will need the patch too ... the ".diff " file.
1) gunzip nepenthes_0.2.0-2ubuntu1.diff.gz
2) cp nepenthes_0.2.0-2ubuntu1.diff nepenthes-0.2.0/
3) cd nepenthes-0.2.0/
4) patch -p1 < nepenthes_0.2.0-2ubuntu1.diff
... getting you nepenthes-0.2.0/debian/rules .
'rules' is a text file used by e.g. the 'dhbuild' command,
when building the package.

But please use 'sudo apt-get install nepenthes' to get it installed.
.....
 
Old 08-19-2009, 08:24 AM   #7
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by knudfl View Post
And I still do not understand, why you are not using
the Ubuntu package. It seems to have the facilities,
you need.
.....

http://packages.ubuntu.com/hardy/net/nepenthes
> > "Links for nepenthes" >
[nepenthes_0.2.0.orig.tar.gz] , [nepenthes_0.2.0-2ubuntu1.diff.gz]
... you will need the patch too ... the ".diff " file.
1) gunzip nepenthes_0.2.0-2ubuntu1.diff.gz
2) cp nepenthes_0.2.0-2ubuntu1.diff nepenthes-0.2.0/
3) cd nepenthes-0.2.0/
4) patch -p1 < nepenthes_0.2.0-2ubuntu1.diff
... getting you nepenthes-0.2.0/debian/rules .
'rules' is a text file used by e.g. the 'dhbuild' command,
when building the package.

But please use 'sudo apt-get install nepenthes' to get it installed.
.....
Thank you for your precious time! The problem has been solved after I reinstalled nepenthes. But I do not quite understand how to use nepenthes. Could you please give me some information or a relevant website about how to use it? Sorry for any trouble I may bring to you.
Thank you!
 
Old 08-19-2009, 09:18 AM   #8
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen, DK
Distribution: pclos2013.07, Slack14.1 DebWheezy, +50+ other Linux OS, for test only.
Posts: 13,192

Rep: Reputation: 2372
Nepenthes links
http://nepenthes.carnivore.it/
"Welcome to the official nepenthes website!"

The most text here is links to code :
http://nepenthes.carnivore.it/documentation

... Just Google .. nepenthes linux ..
Lots of info ...
http://www.securityfocus.com/infocus/1880
http://forums.whirlpool.net.au/forum...m/1052105.html
etc. etc.
.....
And the Google Penguin tool reduces the 20,000 hits to 1,980 :
http://www.google.com/linux?hl=en&q=...ux&btnG=Search
http://www.google.com/linux
.....
 
Old 08-20-2009, 02:21 AM   #9
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by knudfl View Post
Nepenthes links
http://nepenthes.carnivore.it/
"Welcome to the official nepenthes website!"

The most text here is links to code :
http://nepenthes.carnivore.it/documentation

... Just Google .. nepenthes linux ..
Lots of info ...
http://www.securityfocus.com/infocus/1880
http://forums.whirlpool.net.au/forum...m/1052105.html
etc. etc.
.....
And the Google Penguin tool reduces the 20,000 hits to 1,980 :
http://www.google.com/linux?hl=en&q=...ux&btnG=Search
http://www.google.com/linux
.....
Thank you! The following picture is what I get when I input sudo /opt/nepenthes/bin/nepenthes: 开始图片2.jpg
I want to know, does that mean I have started nepenthes? But there is nothing in /var/lib/nepenthes/binaries/, nor in /var/log/nepenthes/logged_submissions
or /var/log/nepenthes/logged_downloads.

I want to know, why does this happen?

Thank you for helping me again.
 
Old 08-20-2009, 09:00 PM   #10
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
run nepenthes

Hi everyone, I have installed nepenthes on my VM, which runs Ubuntu 8.04, and my host computer uses Windows XP. The following picture is what I get when I input sudo /opt/nepenthes/bin/nepenthes: 开始图片2.jpg
I want to know, does that mean I have started nepenthes? But after hours there is still nothing in /var/lib/nepenthes/binaries/,
nor in /var/log/nepenthes/logged_submissions
or /var/log/nepenthes/logged_downloads.

I want to know, why does this happen? Does it have anything to do with my host firewall? Thank you for your help in advance.
 
Old 08-21-2009, 04:23 AM   #11
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,534
Blog Entries: 51

Rep: Reputation: 2601
Reported as duplicate post.
 
Old 08-21-2009, 02:21 PM   #12
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Quad boot :: Windows vista 64-bit | Vector Linux | Slackware 13.0 64-Bit | Debian 6.0 64-bit
Posts: 138

Rep: Reputation: 17
Quote:
Originally Posted by glg View Post
The following picture is when I input sudo /opt/nepenthes/bin/nepenthes ,I get Attachment 1284
I want to know does that mean I have start nepenthes?
It means that nepenthes is running ok.

Quote:
Originally Posted by glg View Post
Does it have anything to do with my host firewall?
Yes, you need to open ports depending on what vulnerability modules you are using.

From nepenthes.conf:
Code:
56	// vulnerability modules
57	    "vulnbagle.so",                 "vuln-bagle.conf",              ""
58	    "vulndameware.so",              "vuln-dameware.conf",           ""   
59	    "vulndcom.so",                  "vuln-dcom.conf",               ""
60	    "vulnftpd.so",                  "vuln-ftpd.conf",               ""
61	    "vulniis.so",                   "vuln-iis.conf",                ""
62	    "vulnkuang2.so",                "vuln-kuang2.conf",             ""
63	    "vulnlsass.so",                 "vuln-lsass.conf",              ""
64	    "vulnmsmq.so",                  "vuln-msmq.conf",               ""
65	    "vulnmsdtc.so",                 "vuln-msdtc.conf",              ""
66	    "vulnmssql.so",                 "vuln-mssql.conf",              ""
67	    "vulnmydoom.so",                "vuln-mydoom.conf",             ""
68	    "vulnnetbiosname.so",           "vuln-netbiosname.conf",        ""
69	    "vulnnetdde.so",                "vuln-netdde.conf",             ""
70	    "vulnoptix.so",                 "vuln-optix.conf",              ""
71	    "vulnpnp.so",                   "vuln-pnp.conf",                ""
72	    "vulnsasserftpd.so",            "vuln-sasserftpd.conf",         ""
73	    "vulnsub7.so",                  "vuln-sub7.conf",               ""
74	    "vulnupnp.so",                  "vuln-upnp.conf",               ""
75	    "vulnveritas.so",               "vuln-veritas.conf",            ""
76	    "vulnwins.so",                  "vuln-wins.conf",               ""
77	    "vulnasn1.so",                  "vuln-asn1.conf",               ""
78	    "vulnms08067.so",               "vuln-ms08067.conf",            ""

Here is a list of ports you need to open.
Code:
ville@MintBox ~/Desktop $ sudo netstat -auntp | grep -i nepenthes
tcp        0      0 0.0.0.0:1025            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:3140            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:135             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:5000            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:42              0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:3372            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:6129            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:5554            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:27347           0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:17300           0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:3127            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:2103            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:2105            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:2745            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:2107            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:220             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:1023            0.0.0.0:*               LISTEN      25516/nepenthes 
udp        0      0 0.0.0.0:1434            0.0.0.0:*                           26767/nepenthes 
udp        0      0 0.0.0.0:1434            0.0.0.0:*                           25516/nepenthes
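
The port list in the post above can be derived from the netstat output rather than read off by eye. The following is an added example, not part of the original post: it reduces `netstat -auntp` output to the proto/port pairs nepenthes has bound, and reports any port held by more than one nepenthes PID. The function names and the sample lines are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): summarise which ports nepenthes has
# bound, reading `netstat -auntp` output on stdin.

# Print "proto port pid" for every nepenthes socket that is listening (tcp)
# or bound (udp). The last field of each netstat line is "PID/program".
nepenthes_listeners() {
    awk '
        $1 !~ /^(tcp|udp)/            { next }   # skip headers and the prompt line
        $NF !~ /\/nepenthes$/         { next }   # sockets owned by other programs
        $1 ~ /^tcp/ && $6 != "LISTEN" { next }   # established sessions are not listeners
        {
            n = split($4, addr, ":")             # works for 0.0.0.0:80 and :::80
            split($NF, owner, "/")
            print $1, addr[n], owner[1]
        }'
}

# Unique proto/port pairs sorted by port number: the list to allow through
# the host firewall or to forward to the VM running the honeypot.
ports_to_open() {
    nepenthes_listeners | awk '{ print $1 "/" $2 }' | sort -t/ -k2,2n -k1,1 -u
}

# Ports held by more than one PID, i.e. more than one nepenthes process
# has a socket bound to the same port.
ports_with_multiple_pids() {
    nepenthes_listeners | sort -u | awk '
        { key = $1 "/" $2; count[key]++; pids[key] = pids[key] " " $3 }
        END { for (k in count) if (count[k] > 1) print k ":" pids[k] }' | sort
}

# Constructed sample in the same format as the netstat output in the thread
# (addresses from the documentation ranges; the sshd line is hypothetical).
SAMPLE='tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      25516/nepenthes
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      25516/nepenthes
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1201/sshd
tcp        0      0 192.0.2.10:445          198.51.100.7:4312       ESTABLISHED 25516/nepenthes
udp        0      0 0.0.0.0:1434            0.0.0.0:*                           26767/nepenthes
udp        0      0 0.0.0.0:1434            0.0.0.0:*                           25516/nepenthes'

# Demo on the sample. Live use: sudo netstat -auntp | ports_to_open
printf '%s\n' "$SAMPLE" | ports_to_open
printf '%s\n' "$SAMPLE" | ports_with_multiple_pids
```

On the netstat output quoted in the thread, the second function would report udp/1434, since that port appears under PIDs 26767 and 25516.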
 
Old 08-21-2009, 09:17 PM   #13
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by ////// View Post
It means that nepenthes is running ok.



Yes, you need to open ports depending on what vulnerability modules you are using.

From nepenthes.conf:
Code:
56	// vulnerability modules
57	    "vulnbagle.so",                 "vuln-bagle.conf",              ""
58	    "vulndameware.so",              "vuln-dameware.conf",           ""   
59	    "vulndcom.so",                  "vuln-dcom.conf",               ""
60	    "vulnftpd.so",                  "vuln-ftpd.conf",               ""
61	    "vulniis.so",                   "vuln-iis.conf",                ""
62	    "vulnkuang2.so",                "vuln-kuang2.conf",             ""
63	    "vulnlsass.so",                 "vuln-lsass.conf",              ""
64	    "vulnmsmq.so",                  "vuln-msmq.conf",               ""
65	    "vulnmsdtc.so",                 "vuln-msdtc.conf",              ""
66	    "vulnmssql.so",                 "vuln-mssql.conf",              ""
67	    "vulnmydoom.so",                "vuln-mydoom.conf",             ""
68	    "vulnnetbiosname.so",           "vuln-netbiosname.conf",        ""
69	    "vulnnetdde.so",                "vuln-netdde.conf",             ""
70	    "vulnoptix.so",                 "vuln-optix.conf",              ""
71	    "vulnpnp.so",                   "vuln-pnp.conf",                ""
72	    "vulnsasserftpd.so",            "vuln-sasserftpd.conf",         ""
73	    "vulnsub7.so",                  "vuln-sub7.conf",               ""
74	    "vulnupnp.so",                  "vuln-upnp.conf",               ""
75	    "vulnveritas.so",               "vuln-veritas.conf",            ""
76	    "vulnwins.so",                  "vuln-wins.conf",               ""
77	    "vulnasn1.so",                  "vuln-asn1.conf",               ""
78	    "vulnms08067.so",               "vuln-ms08067.conf",            ""


Here is a list of ports you need to open.
Code:
ville@MintBox ~/Desktop $ sudo netstat -auntp | grep -i nepenthes
tcp        0      0 0.0.0.0:1025            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:3140            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:135             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:5000            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:42              0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:3372            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:6129            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:5554            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:27347           0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:17300           0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:3127            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:2103            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:2105            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:2745            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:2107            0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:220             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      25516/nepenthes 
tcp        0      0 0.0.0.0:1023            0.0.0.0:*               LISTEN      25516/nepenthes 
udp        0      0 0.0.0.0:1434            0.0.0.0:*                           26767/nepenthes 
udp        0      0 0.0.0.0:1434            0.0.0.0:*                           25516/nepenthes

Thank you! When I look at the file nepenthes.so, it has all the vulnerability modules except
78 "vulnms08067.so", "vuln-ms08067.conf", ""

Is this the reason why I get nothing? However, after I added it to this file, there is still nothing in /var/lib/nepenthes/binaries
and /var/log/nepenthes/logged_submissions.

When I run sudo netstat -auntp | grep -i nepenthes, I get all the ports that you listed above, except for the last two udp lines: I get only one of them. I do not know why you get two udp connections. Does it matter for the problem that I get nothing in /var/lib/nepenthes/binaries
and /var/log/nepenthes/logged_submissions?

Thank you for your precious time.
glg
 
Old 08-22-2009, 03:07 AM   #14
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Quad boot :: Windows vista 64-bit | Vector Linux | Slackware 13.0 64-Bit | Debian 6.0 64-bit
Posts: 138

Rep: Reputation: 17
Quote:
Originally Posted by glg View Post
Thank you! When I look at the file nepenthes.so, it has all the vulnerability modules except
78 "vulnms08067.so", "vuln-ms08067.conf", ""

Is this the reason why I get nothing?
No, it doesn't matter, it's not the reason; the reason seems to be the host firewall.

Have you opened your ports? If you have opened those try doing a service scan so you can be sure of it.

http://centralops.net/co/DomainDossier.aspx

You should see something like this:
(I opened ftp port for example)
Code:
Address lookup
canonical name 	yycccxxii.gprs.sl-laajakaista.fi.
aliases 	
addresses 	85.76.221.xx
Service scan
FTP - 21	220 ---freeFTPd 1.0---warFTPd 1.65---
SMTP - 25	Error: TimedOut
HTTP - 80	Error: TimedOut
POP3 - 110	Error: TimedOut
IMAP - 143	Error: TimedOut

-- end --
And in nepenthes you should see this:
Code:
[ warn module ] Unknown exploit 0 bytes
screenshot
 
Old 08-22-2009, 09:24 AM   #15
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,802

Rep: Reputation: 728
Please post your thread in only one forum. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. The duplicate threads have been merged---since both had replies.
 
  

