LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 08-31-2009, 09:11 PM   #1
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Rep: Reputation: 15
Install Honeytrap problem


Hi everyone,
I am running Ubuntu 8.04 on VM and have installed libnfnetlink-0.0.41 and libnetfilter_queue-0.0.17 and then installed honeytrap-1.0.0 , however when I run cd /usr/local sbin/honeytrap , it responses: error while loading shared libraries:libnetfilter_queue.so.1:can not open shared object file:no such file or directory , but I can find libnetfilter_queue.so.1 in /usr/local/lib ,I do not why this happen.Can anyone help me ?
Thanks in advance.
 
Old 09-01-2009, 10:00 AM   #2
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen DK
Distribution: PCLinuxOS2020 CentOS6.10 CentOS7.7 + 50+ other Linux OS, for test only.
Posts: 17,425

Rep: Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622
I guess, honeytrap is hard coded to look in /usr/lib/ only.

So either configure libnfnetlink and libnetfilter_queue
with : ./configure --prefix=/usr
or : 1) cd /usr/lib/
2) sudo ln -s /usr/local/lib/libnetfilter_queue.so.1
etc. etc. , if more files are asked for.

Then 'sudo /usr/local/sbin/honeytrap' will start ...
.....
 
Old 09-01-2009, 09:19 PM   #3
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by knudfl View Post
I guess, honeytrap is hard coded to look in /usr/lib/ only.

So either configure libnfnetlink and libnetfilter_queue
with : ./configure --prefix=/usr
or : 1) cd /usr/lib/
2) sudo ln -s /usr/local/lib/libnetfilter_queue.so.1
etc. etc. , if more files are asked for.

Then 'sudo /usr/local/sbin/honeytrap' will start ...
.....
Thank you for your help.
I reinstall pkg-config-0.23 with ./configure --prefix=/usr make& make install and libnfnetlink-.0.0.41 with ./configure --prefix=/usr make& make install and libnetfilter_queue-0.0.17 with ./configure make& make install, then honeytrap-1.0.0 with ./configure --prefix=/opt/honeytrap ,
however, when I run /opt/honeytrap ,sbin/honeytrap,it responses:
Error -Unable to load plugin htm_ClamAV.so,No such file or directory.Please see the affix
Click image for larger version

Name:	Ubuntu-2009-09-02-10-13-28.jpg
Views:	22
Size:	100.6 KB
ID:	1380

Do you know why this happen?

when I see /opt/honeytrap/etc/honeytrap/plugins,I only find htm_b64Decode.so, htm_ftpDownload.so ,htm_httpDownload.so, htm_SaveFile.so, htm_tftpDownload.so, htm_vncDownload.so , where can I download the rest ,such as htm_cspm.so and htm_ClamAV.so? What's more, could you tell me the honeytrap install steps in detail and how to use it . I can not open http://honeytrap.sourceforge.net/.
Thank you again.
glg




Thank you!

Last edited by glg; 09-01-2009 at 09:58 PM.
 
Old 09-04-2009, 05:28 PM   #4
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen DK
Distribution: PCLinuxOS2020 CentOS6.10 CentOS7.7 + 50+ other Linux OS, for test only.
Posts: 17,425

Rep: Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622
sudo apt-get install libclamav-dev

cd honeytrap
./configure --with-stream-mon=nfq --with-clamav

Please see ' ./configure --help ' for the other 5 options.

Uncomment line 134-135, src/modules/htm_ClamAV.c
( or delete the lines.)
Code:
/*      limits.maxmailrec       = 64;      *//* maximum recursion level for mail files */
/*      limits.maxratio         = 200;     *//* maximum compression ratio */
May be add this line ( 18 )
http://svn.carnivore.it/changeset/1698

make && make install
.....

More information ? :
http://www.google.com/linux
http://www.google.com/linux?hl=da&q=...p&btnG=Søg&lr=
.....

Last edited by knudfl; 09-04-2009 at 05:56 PM.
 
Old 09-05-2009, 02:59 AM   #5
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Smile

Quote:
Originally Posted by knudfl View Post
sudo apt-get install libclamav-dev

cd honeytrap
./configure --with-stream-mon=nfq --with-clamav

Please see ' ./configure --help ' for the other 5 options.

Uncomment line 134-135, src/modules/htm_ClamAV.c
( or delete the lines.)
Code:
/*      limits.maxmailrec       = 64;      *//* maximum recursion level for mail files */
/*      limits.maxratio         = 200;     *//* maximum compression ratio */
May be add this line ( 18 )
http://svn.carnivore.it/changeset/1698

make && make install
.....

More information ? :
http://www.google.com/linux
http://www.google.com/linux?hl=da&q=...p&btnG=Søg&lr=
.....
Thank you for your help. I followed your advise and did :
sudo apt-get install libclamav-dev
cd honeytrap
./configure --with-stream-mon=nfq --with-clamav --with-cspm --with-spamsum --with-submit-mwserv

But it said :

The submitMWserv is still unstable and should not be used in production setups.
Use --enable-devmodules to build it anyway.

why?

Then I run: ./configure --with-stream-mon=nfq --with-clamav --with-cspm --with-spamsum --with-submit-mwserv --enable-devmodules

But it said :
Error :libcurl heads not found.Install them or use the following options:
--with-libcurl-includes=\133location of libcurl header files\135

How to install it? I have installed libcurl4-openssl-dev.Does it right?

then I run :./configure --with-stream-mon=nfq --with-clamav --with-cspm --with-spamsum --with-submit-mwserv --enable-devmodules
--with-libcurl-includes=\133location of libcurl header files\135

But it said :
Checking build system type... Invalid configuration 'of' :machine 'of' not recognized
configure: error: /bin/bash ./config.sub of failed

Do you know why this happen?
Thank you for your help again.
 
Old 09-05-2009, 03:30 AM   #6
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen DK
Distribution: PCLinuxOS2020 CentOS6.10 CentOS7.7 + 50+ other Linux OS, for test only.
Posts: 17,425

Rep: Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622
' libcurl4-openssl-dev ' is the package, Ubuntu.

./configure --with-libcurl-includes=/usr/include/curl/

But be aware, that not all options are implemented,
only use things, that work.
Or don't use honeytrap : Not updated for years.
.....
With only a hundred relevant hits in Google, the total
number of users is probably close to zero, if any at all.
.....

Last edited by knudfl; 09-05-2009 at 04:06 AM.
 
Old 09-05-2009, 09:25 PM   #7
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by knudfl View Post
' libcurl4-openssl-dev ' is the package, Ubuntu.

./configure --with-libcurl-includes=/usr/include/curl/

But be aware, that not all options are implemented,
only use things, that work.
Or don't use honeytrap : Not updated for years.
.....
With only a hundred relevant hits in Google, the total
number of users is probably close to zero, if any at all.
.....
Thank you again. Someone ask me to test honeytrap, hence I have to use it . When I run :
./configure --with-stream-mon=nfq --with-clamav --with-cspm --with-spamsum --with-submit-mwserv --enable-devmodules
--with-libcurl-includes=/usr/include/curl/

when I run make,it said:

htm_ClamAV.c:130: error: invalid application of 'sizeof' to incomplete type 'struct cl_limits'
htm_ClamAV.c:131: error: invalid use of undefined type 'struct cl_limits'
htm_ClamAV.c:132: error: invalid use of undefined type 'struct cl_limits'
htm_ClamAV.c:133: error: invalid use of undefined type 'struct cl_limits'
htm_ClamAV.c: In function 'clamscan':
htm_ClamAV.c:189: warning: passing argument 5 of 'cl_scandesc' makes integer from pointer without a cast
htm_ClamAV.c:189: error: too many arguments to function 'cl_scandesc'
make[4]: *** [htm_ClamAV.lo] error 1
make[4]:leaving the directory `/root/Desktop/honeytrap-1.0.0/src/modules'
make[3]: *** [all-recursive] error 1
make[3]:leaving the directory `/root/Desktop/honeytrap-1.0.0/src/modules'
make[2]: *** [all-recursive] error 1
make[2]:leaving the directory `/root/Desktop/honeytrap-1.0.0/src'
make[1]: *** [all-recursive] error 1
make[1]:leaving the directory `/root/Desktop/honeytrap-1.0.0'
make: *** [all] error 2

Please see the affix:Click image for larger version

Name:	Ubuntu-2009-09-06-10-08-33.jpg
Views:	16
Size:	141.6 KB
ID:	1404

Someone advised me to comment out the corresponding section in my config file, however,I do not know where they are. Do you know how to do it ?

Thank you for your precious time.
glg
 
Old 09-06-2009, 04:16 AM   #8
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen DK
Distribution: PCLinuxOS2020 CentOS6.10 CentOS7.7 + 50+ other Linux OS, for test only.
Posts: 17,425

Rep: Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622
I guess, you will need some luck too, a clean install of 8.0.4.1 ?
.. I get the same errors as you on one other system ( pclos ),
but not on 8.0.4.1.
EDIT : Will compile one Debian Etch too, no editing of htm_ClamAV.c
was done, making the install result the most perfect of the two.

Commenting out in configure : that would leave out the options, you want.
So all the "required" are used in this line :
Code:
./configure --with-stream-mon=nfq --with-clamav --with-cspm --with-spamsum --with-submit-mwserv --enable-devmodules --with-libcurl-includes=/usr/include/curl/ --prefix=/opt/
Code:
   ----- honeytrap configuration -----

  General options
    ( )  Debugging
    ( )  Profiling
    (X)  Unstable Modules
    ( )  Electric Fence

  Connection monitor
    ( )  Linux ip_queue (ipq)
    ( )  FreeBSD ipfw (ipfw)
    (X)  Linux libnetfilter_queue (nfq)
    ( )  Libpcap (pcap)

  Optional plugins
    (X)  ClamAV
    ( )  cpuEmu
    (X)  CSPM
    ( )  PostgeSQL
    (X)  SpamSum
    (X)  submitMwserv
make
sudo make install
Code:
ls /opt/etc/honeytrap/plugins/
htm_b64Decode.so    htm_httpDownload.so  htm_tftpDownload.so
htm_ClamAV.so       htm_SaveFile.so      htm_vncDownload.so
htm_cspm.so         htm_SpamSum.so
htm_ftpDownload.so  htm_submitMwserv.so
P.S.: May be 'Google' for honeypot, if that is the purpose,
... to see other methods ...
http://www.google.com/linux
http://www.google.com/linux?hl=da&q=...t&btnG=Søg&lr=
http://wiki.linuxquestions.org/wiki/Honeypot
.....

Last edited by knudfl; 09-06-2009 at 08:57 AM.
 
Old 09-06-2009, 08:55 AM   #9
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen DK
Distribution: PCLinuxOS2020 CentOS6.10 CentOS7.7 + 50+ other Linux OS, for test only.
Posts: 17,425

Rep: Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622
'honeytrap-1.0.0' will compile perfect on Ubuntu 8.04 with
the older libclamav2_0.90.1dfsg-4etch19_i386.deb ,
libclamav-dev_0.90.1dfsg-4etch19_i386.deb for Debian Etch.
http://security.debian.org/debian-se...tch19_i386.deb
http://security.debian.org/debian-se...tch19_i386.deb
And again, no editing of htm_ClamAV.c is needed.

I guess, honeytrap was designed for this version.
.....

Last edited by knudfl; 09-06-2009 at 09:00 AM.
 
Old 09-07-2009, 09:47 PM   #10
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Smile

Quote:
Originally Posted by knudfl View Post
'honeytrap-1.0.0' will compile perfect on Ubuntu 8.04 with
the older libclamav2_0.90.1dfsg-4etch19_i386.deb ,
libclamav-dev_0.90.1dfsg-4etch19_i386.deb for Debian Etch.
http://security.debian.org/debian-se...tch19_i386.deb
http://security.debian.org/debian-se...tch19_i386.deb
And again, no editing of htm_ClamAV.c is needed.

I guess, honeytrap was designed for this version.
.....
Thank you for your precious time.
After I have done: sudo dpkg -i libclamav2_0.90.1dfsg-4etch19_i386.deb and then make honeytrap-1.0.0 on Ubuntu 8.04 ,the error is still come out. Could you please tell me how to skip edite of htm_ClamAV.c?
Thank you again!
glg
 
Old 09-08-2009, 03:01 AM   #11
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen DK
Distribution: PCLinuxOS2020 CentOS6.10 CentOS7.7 + 50+ other Linux OS, for test only.
Posts: 17,425

Rep: Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622
Probably : 1) dpkg -r clamav-dev
2) dpkg -i libclamav-dev_0.90.1dfsg-4etch19_i386.deb

http://security.debian.org/debian-se...tch19_i386.deb

if you missed the downgrade to the "version 2 -dev"
or forgot it. Both packages are required.

But anyway, you can always get the the packages,
I created : click my name, send an email, and the
pakage(s) will be attached to a return mail.
honeytrap-1.0.0etch_i386-2_all.deb , 214 kB
honeytrap-1.0.0_i386-2_all.deb ( Ubuntu , 242 kB ).
.....
 
Old 09-08-2009, 09:43 PM   #12
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Smile

Quote:
Originally Posted by knudfl View Post
Probably : 1) dpkg -r clamav-dev
2) dpkg -i libclamav-dev_0.90.1dfsg-4etch19_i386.deb

http://security.debian.org/debian-se...tch19_i386.deb

if you missed the downgrade to the "version 2 -dev"
or forgot it. Both packages are required.

But anyway, you can always get the the packages,
I created : click my name, send an email, and the
pakage(s) will be attached to a return mail.
honeytrap-1.0.0etch_i386-2_all.deb , 214 kB
honeytrap-1.0.0_i386-2_all.deb ( Ubuntu , 242 kB ).
.....

Thank you again and again.
When I installed dpkg -i libclamav-dev_0.90.1dfsg-4etch19_i386.deb and then make honeytrap, the error still exists.
Could you please tell me how to do the first step,that is:1) dpkg -r clamav-dev , which clamav-dev version do I need? Besides, after you have passed me honeytrap-1.0.0etch_i386-2_all.deb , 214 kB
honeytrap-1.0.0_i386-2_all.deb ( Ubuntu , 242 kB ), could you please tell me how to install them and how to run them in detail.
Thank you for helping me.
glg
 
Old 09-09-2009, 01:10 AM   #13
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen DK
Distribution: PCLinuxOS2020 CentOS6.10 CentOS7.7 + 50+ other Linux OS, for test only.
Posts: 17,425

Rep: Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622
There can only be one version of libclamav-dev installed.
All 3 (4?) versions have the same name : libclamav-dev .
No version ! So 'dpkg -r libclamav-dev' will just remove
the currently installed version. 'dpkg -l libclamav-dev'
will show the installed version ...
... or please have a look in Synaptic.

About errors : the command 'make distclean' can be used
for every new try. Then rerun the "long" configure line
and you can do 'make' again.

Using honeytrap : Just read the few hits in "Google/linux"
http://www.google.com/linux for a start.
And please read 'man honeytrap' + etc/honeytrap.conf

( I will also try, if I somehow can start it.)
.....

Last edited by knudfl; 09-09-2009 at 01:44 AM.
 
Old 09-09-2009, 02:52 AM   #14
glg
LQ Newbie
 
Registered: Aug 2009
Location: China
Posts: 25

Original Poster
Rep: Reputation: 15
Smile

Quote:
Originally Posted by knudfl View Post
There can only be one version of libclamav-dev installed.
All 3 (4?) versions have the same name : libclamav-dev .
No version ! So 'dpkg -r libclamav-dev' will just remove
the currently installed version. 'dpkg -l libclamav-dev'
will show the installed version ...
... or please have a look in Synaptic.

About errors : the command 'make distclean' can be used
for every new try. Then rerun the "long" configure line
and you can do 'make' again.

Using honeytrap : Just read the few hits in "Google/linux"
http://www.google.com/linux for a start.
And please read 'man honeytrap' + etc/honeytrap.conf

( I will also try, if I somehow can start it.)
.....
Thank you. I do run honeytrap-1.0.0/make distclean ,then dpkg -r
libclamav-dev, then dpkg -i libclamav-dev_0.90.1dfsg-4etch19_i386.deb, then the "long" configure lines and do 'make' again , the error still exists.
You will also try it? If your have solved this problem, please tell me how to make it.
Thank you for your precious time.
glg
 
Old 09-09-2009, 07:29 AM   #15
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen DK
Distribution: PCLinuxOS2020 CentOS6.10 CentOS7.7 + 50+ other Linux OS, for test only.
Posts: 17,425

Rep: Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622Reputation: 3622
I am doing nothing different from you, it seems.
But I am not getting any errors.

So what is left, is to try out some packages, see # 11.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Install problem escalated to graphics problem Fice Linux - Software 1 01-04-2008 01:07 AM
Slack 11 install problem (cd install asks for /dev/fd0) cygnus-x1 Slackware 1 10-16-2006 10:30 AM
Sound Card problem(every time i install linux i have diffirent hardware problem) jacka1l Linux - Newbie 7 08-11-2005 06:10 AM
Slack 10.1 Install Problem(During Package Install) terdbird Slackware - Installation 2 04-22-2005 02:18 PM
dhcp problem in Debian netinst install..Help !! install. copter Linux - Networking 11 06-30-2004 01:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 12:00 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration