Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
|
08-18-2009, 07:35 AM
|
#1
|
|
LQ Newbie
Registered: Aug 2009
Location: China
Posts: 25
Rep: 
|
Problems about install Nepenthes on Ubuntu
Hi everyone,
I am trying to install nepenthes on Ubuntu-8.0,after I have followed every step on its site,when I run it I get the following error:
[ crit mgr ] Compiled without support for capabilities, no way to run capabilities
I do not know when this happen and how to solve it.I hope someone could help me.
What's more, I search the Internet and find someone said I should install libcap. However, when I install libcap-1.10 on Ubuntu, I have problems too:
glg:~/build/cdrkit/libcap-1.10.orig[/email]$ make
make -C libcap CC='gcc' CFLAGS='-Dlinux -ansi -D_POSIX_SOURCE -Wall -Wwrite-strings -Wpointer-arith -Wcast-qual -Wcast-align -Wtraditional -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wshadow -pedantic -g -I/home/mingdao/build/cdrkit/libcap-1.10.orig/libcap/include' LD='ld' LIBS='-L/home/mingdao/build/cdrkit/libcap-1.10.orig/libcap -lcap' LDFLAGS='-s ' VERSION='1' MINOR='10' LIBDIR='/lib' INCDIR='/usr/include' SBINDIR='/sbin' MANDIR='/usr/man' all
make[1]: Entering directory `/home/glg/build/cdrkit/libcap-1.10.orig/libcap'
gcc -Dlinux -ansi -D_POSIX_SOURCE -Wall -Wwrite-strings -Wpointer-arith -Wcast-qual -Wcast-align -Wtraditional -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wshadow -pedantic -g -I/home/mingdao/build/cdrkit/libcap-1.10.orig/libcap/include -c cap_sys.c -o cap_sys.o
In file included from cap_sys.c:10:
libcap.h:57:3: warning: suggest hiding #error from traditional C with an indented #
libcap.h:58:3: warning: suggest hiding #error from traditional C with an indented #
libcap.h:101:25: warning: ISO C does not permit named variadic macros
cap_sys.c:14: error: expected XXX specifiers or ... before capget
cap_sys.c:15: error: expected XXX specifiers or ... before header
cap_sys.c:16: error: expected XXX specifiers or ... before data
cap_sys.c:18: warning: return type defaults to int
cap_sys.c:18: warning: no previous prototype for _syscall2
cap_sys.c: In function _syscall2:
cap_sys.c:18: error: expected declaration specifiers before _syscall2
cap_sys.c:20: warning: traditional C rejects ISO C style function definitions
cap_sys.c:14: error: parameter name omitted
cap_sys.c:15: error: parameter name omitted
cap_sys.c:16: error: parameter name omitted
make[1]: *** [cap_sys.o] Error 1
make[1]: Leaving directory `/home/mingdao/build/cdrkit/libcap-1.10.orig/libcap'
make: *** [all] Error 2
I hope someone could help me.I appreciate your help in advance.
Thanks.
glg
|
|
|
|
|
08-18-2009, 12:48 PM
|
#2
|
|
LQ 5k Club
Registered: Jan 2008
Location: Copenhagen, DK
Distribution: pclos2012.8, Slack1337 DebSqueeze, +50+ other Linux OS, for test only.
Posts: 11,620
|
Welcome to LQ.
Ubuntu 8.04 → → 8 = 2008 , 04 = april.
There is no Ubuntu 8.0.
Why aren't you installing 'nepenthes' with the Package Manager ?
Please look for 'Synaptic' in the Menu's.
Or use the command : sudo apt-get install nepenthes
If you really want to compile nepenthes :
sudo apt-get install libpcap-dev libpcap0.8-dev
... which are the "pcap" packages required for development.
But you may also need ' -dev ' versions of all the other files,
nepenthes is depending on :
http://packages.ubuntu.com/hardy/net/nepenthes
.....
Last edited by knudfl; 08-18-2009 at 12:50 PM.
|
|
|
|
|
08-18-2009, 08:43 PM
|
#3
|
|
LQ Newbie
Registered: Aug 2009
Location: China
Posts: 25
Original Poster
Rep:
|
Quote:
Originally Posted by knudfl
Welcome to LQ.
Ubuntu 8.04 → → 8 = 2008 , 04 = april.
There is no Ubuntu 8.0.
Why aren't you installing 'nepenthes' with the Package Manager ?
Please look for 'Synaptic' in the Menu's.
Or use the command : sudo apt-get install nepenthes
If you really want to compile nepenthes :
sudo apt-get install libpcap-dev libpcap0.8-dev
... which are the "pcap" packages required for development.
But you may also need ' -dev ' versions of all the other files,
nepenthes is depending on :
http://packages.ubuntu.com/hardy/net/nepenthes
..... |
Thank you. And I am install nepenthes on Ubuntu 8.04 not Ubuntu 8.0.As I am a novice,I do not quite understand what is "Package Manager"? As I am doing Honeynet project, I need to install nepenthes.I have installed
libpcap-dev libpcap0.8-dev and libcap-dev, but when I run sudo /opt/nepenthes/bin/nepenthes , it still come this:
[ crit mgr ] Compiled without support for capabilities, no way to run capabilities
I do not why this happen. And I want to know what is the difference between libpcap and libcap? Thank you for your precious time! |
|
|
|
|
08-18-2009, 09:36 PM
|
#4
|
|
LQ 5k Club
Registered: Jan 2008
Location: Copenhagen, DK
Distribution: pclos2012.8, Slack1337 DebSqueeze, +50+ other Linux OS, for test only.
Posts: 11,620
|
Package Manager :
Please have a look into 'Synaptic' yourself.
This is the Linux way for installing software :
The application holds information about the
22,000 packages with software already compiled
for your Ubuntu. A few clicks, and e.g. nepenthes
+ the dependencies are downloaded and installed.
http://packages.ubuntu.com/hardy/net/nepenthes
The Ubuntu package 'nepenthes' is configured this way,
ref. "Links for nepenthes", the file rules in the
patched source package , nepenthes-0.2.0/debian/ :
Code:
./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \
--prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --bindir=/usr/sbin --localstatedir=/var --sysconfdir=/etc \
--enable-debug-logging \
--enable-capabilities \
--enable-pcap \
--disable-static\
--with-pic \
--enable-ipq \
--with-ipq-include=/usr/include/libipq \
--enable-postgre \
--with-postgre-include=/usr/include/postgresql
So may be you can just add '--enable-capabilities' to your configure options.
( Doing './configure --help' will show all options.)
.....
.....
P.S.: libcap description : http://packages.ubuntu.com/hardy/libcap1
... and "Nepenthes Readme"
http://nepenthes.carnivore.it/documentation:readme
.....
Last edited by knudfl; 08-18-2009 at 10:15 PM.
|
|
|
|
|
08-18-2009, 10:13 PM
|
#5
|
|
LQ Newbie
Registered: Aug 2009
Location: China
Posts: 25
Original Poster
Rep:
|
Quote:
Originally Posted by knudfl
Please have a look into 'Synaptic' yourself.
This is the Linux way for installing software :
This application holds information about the
22,000 packages with software already compiled
for your Ubuntu. A few clicks, and e.g. nepenthes
+ the dependencies are downloaded and installed.
http://packages.ubuntu.com/hardy/net/nepenthes
'nepenthes' is configured this way,
ref. "Links for nepenthes", the file rules in the
patched source package , nepenthes-0.2.0/debian/ :
Code:
./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \
--prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --bindir=/usr/sbin --localstatedir=/var --sysconfdir=/etc \
--enable-debug-logging \
--enable-capabilities \
--enable-pcap \
--disable-static\
--with-pic \
--enable-ipq \
--with-ipq-include=/usr/include/libipq \
--enable-postgre \
--with-postgre-include=/usr/include/postgresql
So may be you can just add '--enable-capabilities' to your configure options.
.....
.....
P.S.: libcap description : http://packages.ubuntu.com/hardy/libcap1
... and "Nepenthes Readme"
http://nepenthes.carnivore.it/documentation:readme
..... |
Thank you again. And I did download the nepenthes file from http://packages.ubuntu.com/hardy/net/nepenthes and installed it following http://nepenthes.carnivore.it/documentation:readme. I want to know the following sentences which you told me above are in which directory?I can not find them.
--enable-debug-logging \
--enable-capabilities \
--enable-pcap \
--disable-static\
--with-pic \
--enable-ipq \
--with-ipq-include=/usr/include/libipq \
--enable-postgre \
--with-postgre-include=/usr/include/postgresql[/code]
Thank you.
glg |
|
|
|
|
08-19-2009, 03:50 AM
|
#6
|
|
LQ 5k Club
Registered: Jan 2008
Location: Copenhagen, DK
Distribution: pclos2012.8, Slack1337 DebSqueeze, +50+ other Linux OS, for test only.
Posts: 11,620
|
And I still do not understand, why you are not using
the Ubuntu package. It seems to have the facilities,
you need.
.....
http://packages.ubuntu.com/hardy/net/nepenthes
> > "Links for nepenthes" >
[nepenthes_0.2.0.orig.tar.gz] , [nepenthes_0.2.0-2ubuntu1.diff.gz]
... you will need the patch too ... the ".diff " file.
1) gunzip nepenthes_0.2.0-2ubuntu1.diff.gz
2) cp nepenthes_0.2.0-2ubuntu1.diff nepenthes-0.2.0/
3) cd nepenthes-0.2.0/
4) patch -p1 < nepenthes_0.2.0-2ubuntu1.diff
... getting you nepenthes-0.2.0/ debian/rules .
'rules' is a text file used by e.g. the 'dhbuild' command,
when building the package.
But please use 'sudo apt-get install nepenthes' to get it installed.
..... |
|
|
|
|
08-19-2009, 08:24 AM
|
#7
|
|
LQ Newbie
Registered: Aug 2009
Location: China
Posts: 25
Original Poster
Rep:
|
Quote:
Originally Posted by knudfl
And I still do not understand, why you are not using
the Ubuntu package. It seems to have the facilities,
you need.
.....
http://packages.ubuntu.com/hardy/net/nepenthes
> > "Links for nepenthes" >
[nepenthes_0.2.0.orig.tar.gz] , [nepenthes_0.2.0-2ubuntu1.diff.gz]
... you will need the patch too ... the ".diff " file.
1) gunzip nepenthes_0.2.0-2ubuntu1.diff.gz
2) cp nepenthes_0.2.0-2ubuntu1.diff nepenthes-0.2.0/
3) cd nepenthes-0.2.0/
4) patch -p1 < nepenthes_0.2.0-2ubuntu1.diff
... getting you nepenthes-0.2.0/ debian/rules .
'rules' is a text file used by e.g. the 'dhbuild' command,
when building the package.
But please use 'sudo apt-get install nepenthes' to get it installed.
..... |
Thank you for your precious time! The problem has been solved after I reinstall nepenthes.But I do not quite understand how to use nepenthes,could you please give me some information or relevant website about how to use it? Sorry for any trouble I may bring to you.
Thank you! |
|
|
|
|
08-19-2009, 09:18 AM
|
#8
|
|
LQ 5k Club
Registered: Jan 2008
Location: Copenhagen, DK
Distribution: pclos2012.8, Slack1337 DebSqueeze, +50+ other Linux OS, for test only.
Posts: 11,620
|
|
|
|
|
|
08-20-2009, 02:21 AM
|
#9
|
|
LQ Newbie
Registered: Aug 2009
Location: China
Posts: 25
Original Poster
Rep:
|
Quote:
Originally Posted by knudfl
|
Thank you! The following picture is when I input sudo /opt/nepenthes/bin/nepenthes ,I get: 开始图片2.jpg
I want to know does that mean I have start nepenthes? But there is nothing in : /var/lib/nepenthes/binaries/ as well as /var/log/nepenthes/logged_submissions
/var/log/nepenthes/logged_downloads
I want to know why this happen?
Thank you helping me again.
|
|
|
|
|
08-20-2009, 09:00 PM
|
#10
|
|
LQ Newbie
Registered: Aug 2009
Location: China
Posts: 25
Original Poster
Rep:
|
run nepenthes
Hi everyone, I have installed nepenthes on my VM with the system of Ubuntu 8.04 ,and my host computer uses WindowsXP. The following picture is when I input sudo /opt/nepenthes/bin/nepenthes ,I get 开始图片2.jpg
I want to know does that mean I have start nepenthes? But after hours there is still nothing in : /var/lib/nepenthes/binaries/
as well as /var/log/nepenthes/logged_submissions
/var/log/nepenthes/logged_downloads
I want to know why this happen? Does it have anything to do with my host firewall? Thank you for your help in advance.
|
|
|
|
|
08-21-2009, 04:23 AM
|
#11
|
|
Moderator
Registered: May 2001
Posts: 24,806
|
Reported as duplicate post.
|
|
|
|
|
08-21-2009, 02:21 PM
|
#12
|
|
Member
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Quad boot :: Windows vista 64-bit | Vector Linux | Slackware 13.0 64-Bit | Debian 6.0 64-bit
Posts: 138
Rep:
|
Quote:
Originally Posted by glg
The following picture is when I input sudo /opt/nepenthes/bin/nepenthes ,I get Attachment 1284
I want to know does that mean I have start nepenthes?
|
It means that nepenthes is running ok.
Quote:
Originally Posted by glg
Does it have anything to do with my host firewall?
|
Yes, you need to open ports depending on what vulnerability modules you are using.
From nepenthes.conf:
Code:
56 // vulnerability modules
57 "vulnbagle.so", "vuln-bagle.conf", ""
58 "vulndameware.so", "vuln-dameware.conf", ""
59 "vulndcom.so", "vuln-dcom.conf", ""
60 "vulnftpd.so", "vuln-ftpd.conf", ""
61 "vulniis.so", "vuln-iis.conf", ""
62 "vulnkuang2.so", "vuln-kuang2.conf", ""
63 "vulnlsass.so", "vuln-lsass.conf", ""
64 "vulnmsmq.so", "vuln-msmq.conf", ""
65 "vulnmsdtc.so", "vuln-msdtc.conf", ""
66 "vulnmssql.so", "vuln-mssql.conf", ""
67 "vulnmydoom.so", "vuln-mydoom.conf", ""
68 "vulnnetbiosname.so", "vuln-netbiosname.conf", ""
69 "vulnnetdde.so", "vuln-netdde.conf", ""
70 "vulnoptix.so", "vuln-optix.conf", ""
71 "vulnpnp.so", "vuln-pnp.conf", ""
72 "vulnsasserftpd.so", "vuln-sasserftpd.conf", ""
73 "vulnsub7.so", "vuln-sub7.conf", ""
74 "vulnupnp.so", "vuln-upnp.conf", ""
75 "vulnveritas.so", "vuln-veritas.conf", ""
76 "vulnwins.so", "vuln-wins.conf", ""
77 "vulnasn1.so", "vuln-asn1.conf", ""
78 "vulnms08067.so", "vuln-ms08067.conf", ""
Here is a list of ports you need to open.
Code:
ville@MintBox ~/Desktop $ sudo netstat -auntp | grep -i nepenthes
tcp 0 0 0.0.0.0:1025 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:3140 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:135 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:42 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:3372 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:6129 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:5554 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:27347 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:17300 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:3127 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:2103 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:2105 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:2745 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:2107 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:220 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:1023 0.0.0.0:* LISTEN 25516/nepenthes
udp 0 0 0.0.0.0:1434 0.0.0.0:* 26767/nepenthes
udp 0 0 0.0.0.0:1434 0.0.0.0:* 25516/nepenthes
|
|
|
|
|
08-21-2009, 09:17 PM
|
#13
|
|
LQ Newbie
Registered: Aug 2009
Location: China
Posts: 25
Original Poster
Rep:
|
Quote:
Originally Posted by //////
It means that nepenthes is running ok.
Yes, you need to open ports depending on what vulnerability modules you are using.
From nepenthes.conf:
Code:
56 // vulnerability modules
57 "vulnbagle.so", "vuln-bagle.conf", ""
58 "vulndameware.so", "vuln-dameware.conf", ""
59 "vulndcom.so", "vuln-dcom.conf", ""
60 "vulnftpd.so", "vuln-ftpd.conf", ""
61 "vulniis.so", "vuln-iis.conf", ""
62 "vulnkuang2.so", "vuln-kuang2.conf", ""
63 "vulnlsass.so", "vuln-lsass.conf", ""
64 "vulnmsmq.so", "vuln-msmq.conf", ""
65 "vulnmsdtc.so", "vuln-msdtc.conf", ""
66 "vulnmssql.so", "vuln-mssql.conf", ""
67 "vulnmydoom.so", "vuln-mydoom.conf", ""
68 "vulnnetbiosname.so", "vuln-netbiosname.conf", ""
69 "vulnnetdde.so", "vuln-netdde.conf", ""
70 "vulnoptix.so", "vuln-optix.conf", ""
71 "vulnpnp.so", "vuln-pnp.conf", ""
72 "vulnsasserftpd.so", "vuln-sasserftpd.conf", ""
73 "vulnsub7.so", "vuln-sub7.conf", ""
74 "vulnupnp.so", "vuln-upnp.conf", ""
75 "vulnveritas.so", "vuln-veritas.conf", ""
76 "vulnwins.so", "vuln-wins.conf", ""
77 "vulnasn1.so", "vuln-asn1.conf", ""
78 "vulnms08067.so", "vuln-ms08067.conf", ""
Here is a list of ports you need to open.
Code:
ville@MintBox ~/Desktop $ sudo netstat -auntp | grep -i nepenthes
tcp 0 0 0.0.0.0:1025 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:3140 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:135 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:42 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:3372 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:6129 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:5554 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:27347 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:17300 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:3127 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:2103 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:2105 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:2745 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:2107 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:220 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 25516/nepenthes
tcp 0 0 0.0.0.0:1023 0.0.0.0:* LISTEN 25516/nepenthes
udp 0 0 0.0.0.0:1434 0.0.0.0:* 26767/nepenthes
udp 0 0 0.0.0.0:1434 0.0.0.0:* 25516/nepenthes
|
Thank you! When I see the file nepenthes.so,it has all the vulnerability modules except
78 "vulnms08067.so", "vuln-ms08067.conf", ""
Is this the reason why I get nothing? However,after I have add it to this file, there is still nothing in /var/lib/nepenthes/binaries
and /var/log/nepenthes/logged_submissions .
When I run sudo netstat -auntp | grep -i nepenthes , I get all the ports that you listed above, except the last two udp, I get only one of them ,I do not why you get two udp connection. Does it matter with the problem that I get nothing in /var/lib/nepenthes/binaries
and /var/log/nepenthes/logged_submissions ?
Thank you for your precious time.
glg |
|
|
|
|
08-22-2009, 03:07 AM
|
#14
|
|
Member
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Quad boot :: Windows vista 64-bit | Vector Linux | Slackware 13.0 64-Bit | Debian 6.0 64-bit
Posts: 138
Rep:
|
Quote:
Originally Posted by glg
Thank you! When I see the file nepenthes.so,it has all the vulnerability modules except
78 "vulnms08067.so", "vuln-ms08067.conf", ""
Is this the reason why I get nothing?
|
No, it doesnt matter, its not the reason, the reason seems to be host firewall.
Have you opened your ports? If you have opened those try doing a service scan so you can be sure of it.
http://centralops.net/co/DomainDossier.aspx
You should see something like this:
(I opened ftp port for example)
Code:
Address lookup
canonical name yycccxxii.gprs.sl-laajakaista.fi.
aliases
addresses 85.76.221.xx
Service scan
FTP - 21 220 ---freeFTPd 1.0---warFTPd 1.65---
SMTP - 25 Error: TimedOut
HTTP - 80 Error: TimedOut
POP3 - 110 Error: TimedOut
IMAP - 143 Error: TimedOut
-- end --
And in nepenthes you should see this:
Code:
[ warn module ] Unknown exploit 0 bytes
screenshot |
|
|
|
|
08-22-2009, 09:24 AM
|
#15
|
|
LQ Veteran
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,797
|
Please post your thread in only one forum. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. The duplicate threads have been merged---since both had replies.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 01:33 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
