Update to honeyd 1.5

New features include: * Statistics Collector: A daemon that can process netflow-like information exported by several Honeyd instances and do computations on the data - see live data. * Improved Subsystems: Improved support for subsystems permits running more complicated UNIX applications like mwcollect as a subsystem for Honeyd. * Proxy and SMTP subsystems: Example subsystems to simulate open proxies and mail relays. These subsystems are written with performance in mind and have no problem in keeping up with a busy network. Bugfixes include: A bug in Honeyd's IP reassembly code allows adversaries to remotely fingerprint honeypots. Thanks to Jon Oberheide for finding the bug; see adv.2006-01 for more information
2006-02-19 17:23:18 +00:00 · 2006-02-19 17:23:18 +00:00 · 0f0f3453b3
commit 0f0f3453b3
parent df690f34e3
5 changed files with 73 additions and 29 deletions
--- a/security/honeyd/Makefile
+++ b/security/honeyd/Makefile
@ -1,16 +1,15 @@
-# $NetBSD: Makefile,v 1.14 2006/02/05 23:10:44 joerg Exp $
+# $NetBSD: Makefile,v 1.15 2006/02/19 17:23:18 adrianp Exp $
 #

-DISTNAME=	honeyd-1.0
-PKGREVISION=	2
+DISTNAME=	honeyd-1.5
 CATEGORIES=	security net
-MASTER_SITES=	http://niels.xtdnet.nl/honeyd/
+MASTER_SITES=	http://www.citi.umich.edu/u/provos/honeyd/

 MAINTAINER=	adrianp@NetBSD.org
-HOMEPAGE=	http://niels.xtdnet.nl/honeyd/index.php
+HOMEPAGE=	http://www.honeyd.org/
 COMMENT=	Small daemon that creates virtual hosts on a network

-DEPENDS+=       honeyd-arpd>=0.2:../../security/honeyd-arpd
+DEPENDS+=	honeyd-arpd>=0.2:../../security/honeyd-arpd

 GNU_CONFIGURE=		YES
 USE_LIBTOOL=		YES
@ -28,18 +27,23 @@ EGDIR=			${PREFIX}/share/examples/${PKGBASE}
 DOCDIR=			${PREFIX}/share/doc/${PKGBASE}

 .for f in ${DIST_CONF_FILES}
-CONF_FILES+=		${EGDIR}/${f} ${PKG_SYSCONFDIR}/${f}
+CONF_FILES+=		${EGDIR:Q}/${f:Q} ${PKG_SYSCONFDIR:Q}/${f:Q}
 .endfor

 .include "../../devel/libevent/buildlink3.mk"
+.include "../../devel/libdnsres/buildlink3.mk"
 .include "../../devel/ncurses/buildlink3.mk"
 .include "../../devel/readline/buildlink3.mk"
 .include "../../devel/zlib/buildlink3.mk"
 .include "../../net/libdnet/buildlink3.mk"
 .include "../../net/libpcap/buildlink3.mk"
+.include "../../devel/pcre/buildlink3.mk"
+
+pre-install:
+	${INSTALL_DATA_DIR} ${PREFIX:Q}/share/examples/honeyd

 post-install:
 	${INSTALL_DATA_DIR} ${DOCDIR}
-	${INSTALL_DATA} ${WRKSRC}/README ${DOCDIR}
+	${INSTALL_DATA} ${WRKSRC:Q}/README ${DOCDIR:Q}

 .include "../../mk/bsd.pkg.mk"
--- a/security/honeyd/PLIST
+++ b/security/honeyd/PLIST
@ -1,6 +1,7 @@
-@comment $NetBSD: PLIST,v 1.5 2005/05/02 20:34:04 reed Exp $
+@comment $NetBSD: PLIST,v 1.6 2006/02/19 17:23:18 adrianp Exp $
 bin/honeyd
 bin/honeydctl
+bin/honeydstats
 include/honeyd/debug.h
 include/honeyd/hooks.h
 include/honeyd/plugins.h
@ -14,6 +15,8 @@ share/examples/honeyd/config.sample
 share/examples/honeyd/nmap.assoc
 share/examples/honeyd/nmap.prints
 share/examples/honeyd/pf.os
+share/examples/honeyd/proxy
+share/examples/honeyd/smtp
 share/examples/honeyd/webserver/htdocs/config.py
 share/examples/honeyd/webserver/htdocs/graphs/traffic_daily.gif
 share/examples/honeyd/webserver/htdocs/graphs/traffic_hourly.gif
--- a/security/honeyd/distinfo
+++ b/security/honeyd/distinfo
@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.3 2005/02/24 13:10:06 agc Exp $
+$NetBSD: distinfo,v 1.4 2006/02/19 17:23:18 adrianp Exp $

-SHA1 (honeyd-1.0.tar.gz) = abff00cf7815b6448e5432be8b4710f39bf2119f
-RMD160 (honeyd-1.0.tar.gz) = d5c28f8987dd22d266348cf908f008423a63fc49
-Size (honeyd-1.0.tar.gz) = 600339 bytes
-SHA1 (patch-aa) = 83d823e891e2837fab85a0cda5a67dded772c97d
+SHA1 (honeyd-1.5.tar.gz) = 88729f9efa38d2c9385b6468bfd9b72a6dedf48c
+RMD160 (honeyd-1.5.tar.gz) = 37163ae6acdd90ea8bceb38e91791e3ab28e54b1
+Size (honeyd-1.5.tar.gz) = 893208 bytes
+SHA1 (patch-aa) = b69d986bd1a5c1847f4f5467216730da020c8686
--- a/security/honeyd/files/honeyd.sh
+++ b/security/honeyd/files/honeyd.sh
@ -1,6 +1,6 @@
 #!@RCD_SCRIPTS_SHELL@
 #
-# $NetBSD: honeyd.sh,v 1.1.1.1 2004/04/20 09:14:43 xtraeme Exp $
+# $NetBSD: honeyd.sh,v 1.2 2006/02/19 17:23:18 adrianp Exp $
 #

 # PROVIDE: honeyd
@ -12,7 +12,7 @@
 name="honeyd"
 rcvar=$name
 command="@PREFIX@/bin/${name}"
-pidfile="/var/run/${name}.pid"
+pidfile="@VARBASE@/run/${name}.pid"

 load_rc_config $name
 run_rc_command "$1"
--- a/security/honeyd/patches/patch-aa
+++ b/security/honeyd/patches/patch-aa
@ -1,7 +1,17 @@
-$NetBSD: patch-aa,v 1.3 2005/04/20 14:34:45 wiz Exp $
--- Makefile.in.orig	2005-01-13 10:48:06.000000000 +0000
-+++ Makefile.in	2005-01-13 10:52:09.000000000 +0000
-@@ -112,10 +112,10 @@
+$NetBSD: patch-aa,v 1.4 2006/02/19 17:23:18 adrianp Exp $
+
+--- Makefile.in.orig	2006-02-12 02:11:06.000000000 +0000
+++ Makefile.in
+@@ -169,7 +169,7 @@ AUTOMAKE = @AUTOMAKE@
+ AWK = @AWK@
+ CC = @CC@
+ CCDEPMODE = @CCDEPMODE@
+-CFLAGS = -O2 -Wall -g \
+CFLAGS += \
+ 	-DPATH_HONEYDINCLUDE="\"$(honeydincludedir)\"" \
+ 	-DPATH_HONEYDDATA="\"$(honeyddatadir)\"" \
+ 	-DPATH_HONEYDLIB="\"$(honeydlibdir)\"" \
+@@ -321,10 +321,10 @@ libhoneyddir = $(libdir)/honeyd
 libhoneyd_DATA = libhoneyd.so
 
 # Configuration files for Honeyd
@ -9,17 +19,44 @@ $NetBSD: patch-aa,v 1.3 2005/04/20 14:34:45 wiz Exp $
 +honeyddatadir = $(datadir)/examples/honeyd
 honeydlibdir = $(libdir)/honeyd
 honeydincludedir = $(includedir)/honeyd
-honeyddata_DATA = README nmap.assoc xprobe2.conf nmap.prints config.sample 		config.ethernet pf.os
-+honeyddata_DATA = nmap.assoc xprobe2.conf nmap.prints config.sample config.ethernet pf.os
- 
+-honeyddata_DATA = README nmap.assoc xprobe2.conf nmap.prints config.sample \
+honeyddata_DATA = nmap.assoc xprobe2.conf nmap.prints config.sample \
+ 		config.ethernet pf.os
 
 honeydplugins = @PLUGINS@
-@@ -152,7 +152,7 @@
- honeydctl_INCLUDES = @EDITINC@
- honeydctl_CFLAGS = -O2 -Wall
+@@ -364,7 +364,7 @@ honeydstats_LDADD = @LIBOBJS@ @DNETLIB@ 
+ honeydstats_CPPFLAGS = -I$(top_srcdir)/@DNETCOMPAT@ -I$(top_srcdir)/compat \
+ 	@EVENTINC@ @DNETINC@ @ZINC@ @DNSRESINC@
 
-CFLAGS = -O2 -Wall -g 	-DPATH_HONEYDINCLUDE="\"$(honeydincludedir)\"" 	-DPATH_HONEYDDATA="\"$(honeyddatadir)\"" 	-DPATH_HONEYDLIB="\"$(honeydlibdir)\"" 	-DHONEYD_PLUGINS_DECLARE="$(honeydpluginsdeclare)" 	-DHONEYD_PLUGINS="$(honeydplugins)" 	-DPATH_RRDTOOL="\"$(PATH_RRDTOOL)\""
-+CFLAGS += -DPATH_HONEYDINCLUDE="\"$(honeydincludedir)\"" 	-DPATH_HONEYDDATA="\"$(sysconfdir)\"" 	-DPATH_HONEYDLIB="\"$(honeydlibdir)\"" 	-DHONEYD_PLUGINS_DECLARE="$(honeydpluginsdeclare)" 	-DHONEYD_PLUGINS="$(honeydplugins)" 	-DPATH_RRDTOOL="\"$(PATH_RRDTOOL)\""
+-honeydstats_CFLAGS = -O0 -Wall
+honeydstats_CFLAGS =
 
+ #
+ # Honeyd control application
+@@ -372,7 +372,7 @@ honeydstats_CFLAGS = -O0 -Wall
+ honeydctl_SOURCES = honeydctl.c
+ honeydctl_LDADD = @LIBOBJS@ @EDITLIB@ @LIBCURSES@
+ honeydctl_CPPFLAGS = @EDITINC@
+-honeydctl_CFLAGS = -O2 -Wall
+honeydctl_CFLAGS =
+ INCLUDES = -I$(top_srcdir)/@DNETCOMPAT@ -I$(top_srcdir)/compat \
+ 	@PYTHONINC@ @EVENTINC@ @PCAPINC@ @DNETINC@ @ZINC@
 
- INCLUDES = -I$(top_srcdir)/@DNETCOMPAT@ -I$(top_srcdir)/compat 	@PYTHONINC@ @EVENTINC@ @PCAPINC@ @DNETINC@ @ZINC@
+@@ -387,7 +387,7 @@ smtp_LDADD = @LIBOBJS@ @EVENTLIB@ @DNETL
+ smtp_CPPFLAGS = -I$(top_srcdir)/@DNETCOMPAT@ -I$(top_srcdir)/compat \
+ 	@EVENTINC@ @DNETINC@ @DNSRESINC@ @PCREINC@
+ 
+-smtp_CFLAGS = -O2 -Wall
+smtp_CFLAGS =
+ proxy_SOURCES = subsystems/proxy.c subsystems/proxy.h subsystems/proxy_main.c \
+ 	subsystems/proxy_messages.h subsystems/smtp.c subsystems/smtp.h \
+ 	subsystems/smtp_messages.h atomicio.c \
+@@ -397,7 +397,7 @@ proxy_LDADD = @LIBOBJS@ @EVENTLIB@ @DNET
+ proxy_CPPFLAGS = -I$(top_srcdir)/@DNETCOMPAT@ -I$(top_srcdir)/compat \
+ 	@EVENTINC@ @DNETINC@ @DNSRESINC@ @PCREINC@
+ 
+-proxy_CFLAGS = -O2 -Wall
+proxy_CFLAGS =
+ 
+ ########################################################################
+ ########################################################################