### Komputery z systemem Windows
create windows-web
set windows-web personality "Microsoft Windows Millennium Edition (Me), Windows 2000 Professional or Advanced Server, or Windows XP"
set windows-web default tcp action reset
set windows-web default udp action reset
set windows-web default icmp action open
add windows-web tcp port 80 "perl scripts/win2k/iisemulator-0.95/iisemul8.pl"
add windows-web tcp port 139 open
add windows-web tcp port 137 open
add windows-web tcp port 5900 "sh scripts/win2k/vnc.sh"
add windows-web udp port 137 open
add windows-web udp port 135 open

create windows-xchng
set windows-xchng personality "Microsoft Windows Millennium Edition (Me), Windows 2000 Professional or Advanced Server, or Windows XP"
set windows-xchng default tcp action reset
set windows-xchng default udp action reset
set windows-xchng default icmp action open
add windows-xchng tcp port 25 "sh scripts/win2k/exchange-smtp.sh"
add windows-xchng tcp port 110 "sh scripts/win2k/exchange-pop3.sh"
add windows-xchng tcp port 119 "sh scripts/win2k/exchange-nntp.sh"
add windows-xchng tcp port 143 "sh scripts/win2k/exchange-imap.sh"
add windows-xchng tcp port 5900 "sh scripts/win2k/vnc.sh"
add windows-xchng tcp port 139 open
add windows-xchng tcp port 137 open
add windows-xchng udp port 137 open
add windows-xchng udp port 135 open

### Komputer z systemem Solaris
create sol-mail
set sol-mail personality "Sun Solaris 9"
set sol-mail default tcp action reset
set sol-mail default udp action reset
set sol-mail default icmp action open
add sol-mail tcp port 110 "sh scripts/pop3.sh"
add sol-mail tcp port 25 "sh scripts/smtp.pl"
add sol-mail tcp port 22 open
add sol-mail tcp port 143 open
add sol-mail tcp port 993 open
-------------------------
bind 192.168.0.210 windows-web
bind 192.168.0.211 windows-xchng
bind 192.168.0.212 linux
-------------------------
arpd.c: In function 'arpd_lookup':
arpd.c:285: error: syntax error before string constant
arpd.c:294: error: syntax error before string constant
arpd.c:297: error: syntax error before string constant
arpd.c: In function 'arpd_recv_cb':
arpd.c:426: error: syntax error before string constant
make: *** [arpd.o] Error 1
-------------------------
# arpd 192.168.0.210-192.168.0.212
# cd /usr/local/share/honeyd
# honeyd -p nmap.prints -x xprobe2.conf -a nmap.assoc -0 pf.os -f honeyd.conf
honeyd[5861]: started with -p nmap.prints -x xprobe2.conf -a nmap.assoc -0 pf.os f
honeyd.conf
honeyd[5861]: listening on eth0: (arp or ip proto 47 or (ip )) and not ether src
00:0c:29:e2:2b:c1
Honeyd starting as background process
-------------------------
# nmap -sS -sU -O 192.168.0.210-212

Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2006-05-06 15:45 MDT
Interesting ports on 192.168.0.210:
(The 3132 ports scanned but not shown below are in state: closed)
PORT     STATE         SERVICE
80/tcp   open          http
135/udp  open|filtered msrpc
137/tcp  open          netbios-ns
137/udp  open|filtered netbios-ns
139/tcp  open          netbios-ssn
5900/tcp open          vnc
MAC Address: 08:00:46:0C:AA:DF (Sony)
Device type: general purpose
Running: Microsoft Windows 95/98/ME|NT/2K/XP
OS details: Microsoft Windows Millennium Edition (Me), Windows 2000 Professional or Advanced Server, or Windows XP

Interesting ports on 192.168.0.211:
(The 3129 ports scanned but not shown below are in state: closed)
PORT     STATE         SERVICE
25/tcp   open          smtp
110/tcp  open          pop3
119/tcp  open          nntp
135/udp  open|filtered msrpc
137/tcp  open          netbios-ns
137/udp  open|filtered netbios-ns
139/tcp  open          netbios-ssn
143/tcp  open          imap
5900/tcp open          vnc
MAC Address: 08:00:46:0C:AA:DF (Sony)
Device type: general purpose
Running: Microsoft Windows 95/98/ME|NT/2K/XP
OS details: Microsoft Windows Millennium Edition (Me), Windows 2000 Professional or Advanced Server, or Windows XP

Interesting ports on 192.168.0.212:
(The 3133 ports scanned but not shown below are in state: closed)
PORT    STATE SERVICE
22/tcp  open  ssh
25/tcp  open  smtp
110/tcp open  pop3
143/tcp open  imap
993/tcp open  imaps
MAC Address: 08:00:46:0C:AA:DF (Sony)
Device type: general purpose
Running: Sun Solaris 9
OS details: Sun Solaris 9
Uptime 0.080 days (since Sat May  6 13:50:40 2006)
-------------------------
create sol-mail
set sol-mail personality "Sun Solaris 9"
set sol-mail ethernet "08:00:20:23:45:EE"
set sol-mail default tcp action reset
set sol-mail default udp action reset
set sol-mail default icmp action open
add sol-mail tcp port 110 "sh scripts/pop3.sh"
add sol-mail tcp port 25 "sh scripts/smtp.pl"
add sol-mail tcp port 22 open
add sol-mail tcp port 143 open
add sol-mail tcp port 993 open
-------------------------
# nmap -sS -sU -O 192.168.0.212

Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2006-05-06 15:52 MDT
Interesting ports on 192.168.0.212:
(The 3133 ports scanned but not shown below are in state: closed)
PORT    STATE SERVICE
22/tcp  open  ssh
25/tcp  open  smtp
110/tcp open  pop3
143/tcp open  imap
993/tcp open  imaps
MAC Address: 08:00:20:F9:6A:F3 (SUN Microsystems)
Device type: general purpose
Running: Sun Solaris 9
OS details: Sun Solaris 9
Uptime 0.023 days (since Sat May  6 15:18:57 2006)

Nmap run completed -- 1 IP address (1 host up) scanned in 7.394 seconds
-------------------------
$ telnet 192.168.0.211 25
Trying 192.168.0.211...
Connected to 192.168.0.211.
Escape character is '^]'.
220 bps-pc9.local.mynet Microsoft ESMTP MAIL Service, Version: 5.0.2195.5329 ready at Mon Jan 12 12:55:04 MST 2004
EHLO kryten
250-bps-pc9.local.mynet Hello [kryten]
250-TURN
250-ATRN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50}
250 OK
-------------------------
add linux tcp port 22 proxy 192.168.0.100:22
