spacer [an error occurred while processing this directive]
Home
About the Project
Research Alliance
Challenges
Presentations
Whitepapers
Tools
Our Book
Funding/Donations
Mirrors

spacer
spacer  
Honeywall CDROM
spacer

The purpose of this section is to give you a technical summary of how the CDROM works, and critical issues you will need to consider. Please submit all bugs/corrections for this documentation or the Honeywall CDROM to our Bugzilla Server.

Last Modified: 16 August, 2005

2. Technical Summary

  1. How It Works
  2. Key Considerations
  3. Default Users

rule

2.1 How It Works
The Honeywall CDROM installs a GenIII honeywall to your local hard drive, overwriting and destroying any previously installed information. Your honeywall is based on Fedora Core 3 that has been miminized for security reasons and had additional Honeywall RPM's added. This gateway becomes a layer 2 bridging device (we no longer support layer 3 routing) that capture, controls, and analyzes all inbound and outbound traffic to your honeypots. Keep in mind, the CDROM only creates your honeywall gateway, you still have to provide the honeypots.

Installation should be as simple as booting from the CDROM then hitting the Enter key, allowing the fully automated install process to begin. After installation, you will have to go through an Intial Setup process to configure your honeywall gateway for the first time. Once configured and deployed, you have three options on how to administer the system, a command line utility called hwctl, a dialog menu, and the new GUI based browser interface called Walleye. In addition, Walleye supports a data analysis interface, however remote access is required for this interface, as the honeywall does not support any local windowing capabilities. Also, your honeywall automatically updates itself every day using yum(1), as it will check for, download, and install all the latest OS and honeywall RPM's.

rule

2.2 Key Considerations
These are key issues when decdiding to deploy your Honeywall.

  • Minimum number of Network Interface Cards is 2 (one for inbound, the other for outbound). If you want to have remote management capabilities, including the use of the Walleye web interface, then you must have a 3rd NIC installed.

rule

2.3 Default Users
Once installed, your honeywall will have default users. The password for ALL of these accounts is honey. Its HIGHLY recommended you change these passwords.

  • Default local OS user is roo.
  • Default local OS privalleged user is root.
  • Default user for Walleye web interface is roo.
rule


<-Back Home Next->


Back to Top