Summary: A Virtual Honeypot Daemon Name: honeyd Version: 1.5a Release: %mkrel 3 License: BSD Group: System/Servers URL: http://niels.xtdnet.nl/honeyd/ Source0: http://www.citi.umich.edu/u/provos/honeyd/%{name}-%{version}.tar.gz Source1: http://www.citi.umich.edu/u/provos/honeyd/%{name}-%{version}.tar.gz.sig Source2: %{name}.conf.bz2 Source3: %{name}.init.bz2 Source4: %{name}.sysconfig.bz2 Source5: %{name}-webserver.sysconfig.bz2 Source6: %{name}.logrotate.bz2 Patch0: %{name}.Makefile.patch Patch1: honeyd-1.5a-nmap-prints.diff Patch2: honeyd-1.5a-lib64.diff Patch3: %{name}-1.0-pidsock.diff Patch4: %{name}-1.0-tmpdir.diff Patch5: honeyd-1.5a-DESTDIR.diff Requires(post): rpm-helper Requires(preun): rpm-helper Requires(pre): rpm-helper Requires(postun): rpm-helper Requires: rrdtool BuildRequires: libevent-devel >= 1.0 BuildRequires: libdnet-devel BuildRequires: libpcap-devel BuildRequires: libpcre-devel BuildRequires: libdnsres-devel BuildRequires: flex bison BuildRequires: automake1.7 BuildRequires: python-devel BuildRequires: readline-devel BuildRequires: rrdtool BuildRequires: zlib-devel BuildRequires: python-dnet BuildRequires: python-dpkt BuildRequires: python-pypcap # it's either readline or libedit. it seems almost each time libedit is preferred. BuildConflicts: edit-devel BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot %description Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their personality can be adapted so that they appear to be running certain operating systems. Honeyd enables a single host to claim multiple addresses - I have tested up to 65536 - on a LAN for network simulation. Honeyd improves cyber security by providing mechanisms for threat detection and assessment. It also deters adversaries by hiding real systems in the middle of virtual systems. It is possible to ping the virtual machines, or to traceroute them. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine. %package webserver Summary: A simple Python based webserver for honeyd Group: System/Servers Requires(post): rpm-helper Requires(preun): rpm-helper Requires: python-dnet Requires: python-dpkt Requires: python-pypcap Requires: %{name} = %{version}-%{release} %description webserver This package contains a simple Python based webserver for honeyd. %package devel Summary: Development files for %{name} Group: Development/C Requires: %{name} = %{version}-%{release} %description devel This package contains development files for %{name} %prep %setup -q -n %{name}-%{version} # (misc) this patch correct the soname of the bundled library %patch0 -p1 -b .Makefile # (misc) this patch remove a error message, it seems that the file # contains two non standard value. %patch1 -p0 -b .nmap-prints %patch2 -p0 -b .lib64 %patch3 -p1 -b .pidsock %patch4 -p1 -b .tmpdir %patch5 -p0 -b .DESTDIR bzcat %{SOURCE2} > %{name}.conf bzcat %{SOURCE3} > %{name}.init bzcat %{SOURCE4} > %{name}.sysconfig bzcat %{SOURCE5} > %{name}-webserver.sysconfig bzcat %{SOURCE6} > %{name}.logrotate %build export WANT_AUTOCONF_2_5=1 rm -f configure libtoolize --copy --force; aclocal-1.7; autoconf; automake-1.7 %configure2_5x \ --enable-shared \ --enable-static \ --bindir=%{_sbindir} \ --with-python # parallell build's broken make cat <<EOF >README.Mandriva This package was build with python support. The file with /usr/share/honeyd/nmap.prints was tweaked to remove two bogus values ( search Mandriva in the comment ). If you want to simulated large network, you will need arpd, avaliable from contribs. Use 'urpmi arpd' to install it. EOF %install [ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot} # don't fiddle with the initscript! export DONT_GPRINTIFY=1 install -d %{buildroot}%{_initrddir} install -d %{buildroot}%{_sysconfdir}/sysconfig install -d %{buildroot}%{_sysconfdir}/logrotate.d install -d %{buildroot}%{_datadir}/%{name}/scripts install -d %{buildroot}%{_localstatedir}/%{name}/tmp install -d %{buildroot}/var/run/%{name} install -d %{buildroot}/var/log/%{name} %makeinstall_std cp -R scripts/* %{buildroot}%{_datadir}/%{name}/scripts install -m0755 %{name}.init %{buildroot}%{_initrddir}/%{name} install -m0644 %{name}.conf %{buildroot}%{_sysconfdir}/ install -m0644 %{name}.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/%{name} install -m0644 %{name}-webserver.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/%{name}-webserver install -m0644 %{name}.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{name} mv %{buildroot}%{_datadir}/%{name}/webserver/htdocs %{buildroot}%{_localstatedir}/%{name}/html # cleanup rm -f %{buildroot}%{_datadir}/%{name}/README rm -f %{buildroot}%{_datadir}/%{name}/config.ethernet rm -f %{buildroot}%{_datadir}/%{name}/config.sample # create ghostfiles touch %{buildroot}/var/log/honeyd/honeyd.log touch %{buildroot}/var/log/honeyd/servicelog.log %pre %_pre_useradd %{name} %{_localstatedir}/%{name} /bin/false %postun %_postun_userdel %{name} %post %create_ghostfile /var/log/honeyd/honeyd.log %{name} %{name} 0644 %create_ghostfile /var/log/honeyd/servicelog.log %{name} %{name} 0644 %_post_service %{name} %preun %_preun_service %{name} %post webserver %{_initrddir}/%{name} restart %preun webserver %{_initrddir}/%{name} restart %clean [ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot} %files %defattr(-,root,root) %doc README* config.sample config.ethernet %attr(0755,root,root) %{_initrddir}/%{name} %config(noreplace) %attr(0644,root,root) %{_sysconfdir}/%{name}.conf %config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/%{name} %config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name} %attr(0755,root,root) %{_sbindir}/* %attr(0644,root,root) %{_mandir}/man?/* # %dir %{_libdir}/%{name} %attr(0755,root,root) %{_libdir}/%{name}/lib%{name}.so # %dir %{_datadir}/%{name} %attr(0644,root,root) %{_datadir}/%{name}/nmap.assoc %attr(0644,root,root) %{_datadir}/%{name}/nmap.prints %attr(0644,root,root) %{_datadir}/%{name}/xprobe2.conf %attr(0644,root,root) %{_datadir}/%{name}/pf.os %attr(0755,root,root) %{_datadir}/%{name}/proxy %attr(0755,root,root) %{_datadir}/%{name}/smtp # %dir %{_datadir}/%{name}/scripts %attr(0755,root,root) %{_datadir}/%{name}/scripts/* # %dir %attr(0755,%{name},%{name}) /var/run/%{name} %dir %attr(0755,%{name},%{name}) /var/log/%{name} %dir %attr(0755,%{name},%{name}) %{_localstatedir}/%{name}/tmp # %attr(0644,%{name},%{name}) %ghost %config(noreplace) /var/log/honeyd/honeyd.log %attr(0644,%{name},%{name}) %ghost %config(noreplace) /var/log/honeyd/servicelog.log %files webserver %defattr(-,root,root) %config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/%{name}-webserver %dir %attr(0755,%{name},%{name}) %{_localstatedir}/%{name} %dir %attr(0755,%{name},%{name}) %{_localstatedir}/%{name}/html %dir %attr(0755,%{name},%{name}) %{_localstatedir}/%{name}/html/graphs %dir %attr(0755,%{name},%{name}) %{_localstatedir}/%{name}/html/images %dir %attr(0755,%{name},%{name}) %{_localstatedir}/%{name}/html/styles %dir %attr(0755,%{name},%{name}) %{_localstatedir}/%{name}/html/templates %dir %attr(0755,%{name},%{name}) %{_localstatedir}/%{name}/html/templates/inc %attr(0644,%{name},%{name}) %{_localstatedir}/%{name}/html/graphs/*.gif %attr(0644,%{name},%{name}) %{_localstatedir}/%{name}/html/images/*.gif %attr(0644,%{name},%{name}) %{_localstatedir}/%{name}/html/styles/*.css %attr(0644,%{name},%{name}) %{_localstatedir}/%{name}/html/templates/inc/*.tmpl %attr(0644,%{name},%{name}) %{_localstatedir}/%{name}/html/templates/*.tmpl %attr(0644,%{name},%{name}) %{_localstatedir}/%{name}/html/*.py %attr(0644,root,root) %{_datadir}/%{name}/webserver/*.py %files devel %defattr(-,root,root) %dir %{_includedir}/%{name} %attr(0644,root,root) %{_includedir}/%{name}/*.h %changelog * Sun Mar 19 2006 Oden Eriksson <oeriksson@mandriva.com> 1.5a-3mdk - for some reason you can't use nobody,nogroup, bummer..., using plan b * Sun Mar 19 2006 Oden Eriksson <oeriksson@mandriva.com> 1.5a-2mdk - second upload attempt (honeyd-webserver) * Sun Mar 19 2006 Oden Eriksson <oeriksson@mandriva.com> 1.5a-1mdk - 1.5a (Major feature enhancements) - rediffed patches; P1,P2 - drop upstream implemented patches; P5 - fix deps, ghostfiles, permissions, etc. * Thu Jul 28 2005 Nicolas Lécureuil <neoclust@mandriva.org> 1.0-5mdk - Fix BuildRequires * Wed Jul 13 2005 Oden Eriksson <oeriksson@mandriva.com> 1.0-4mdk - rebuilt against new libpcap-0.9.1 (aka. a "play safe" rebuild) - added P5 to make it compile with gcc4 (gentoo) * Thu Jan 20 2005 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 1.0-3mdk - rebuild for new readline * Fri Jan 07 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.0-2mdk - made some minor changes in S4 * Mon Jan 03 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.0-1mdk - 1.0 - set WANT_AUTOCONF_2_5, it is harmless. - add buildconflicts on edit-devel - added lib64 fixes (P2) - added P3 & P4 to make it easier to run as uid/gid honeyd - fixed S2 & S3 to make it run as uid/gid honeyd - added S5 to split out the python webserver config parts - added S6 to please rpmlint some * Mon Dec 06 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.8b-4mdk - rebuilt against new libevent * Sun Dec 05 2004 Michael Scherer <misc@mandrake.org> 0.8b-3mdk - Rebuild for new python * Tue Jun 01 2004 Marcel Pol <mpol@mandrake.org> 0.8b-2mdk - buildrequires (slbd) - don't set WANT_AUTOCONF_2_5 * Tue Apr 20 2004 Michael Scherer <misc@mandrake.org> 0.8b-1mdk - New release 0.8b - update patch #0 - add honeydctl * Thu Apr 15 2004 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 0.8a-1mdk - 0.8a * Sat Feb 28 2004 Michael Scherer <misc@mandrake.org> 0.8-2mdk - [DIRM] - autoconf2.5 fix * Fri Jan 23 2004 Michael Scherer <misc@mandrake.org> 0.8-1mdk - 0.8 - rediff patch #1 * Mon Dec 22 2003 Michael Scherer <misc@mandrake.org> 0.7a-1mdk - 0.7a - tweak initscript - add python support * Fri Sep 12 2003 Michael Scherer <scherer.michael@free.fr> 0.6a-1mdk - 0.6a - fix automated build - [DIRM] - remove explicit Requires - regenerate patch #0 * Mon May 05 2003 Oden Eriksson <oden.eriksson@kvikkjokk.net> 0.5a-1mdk - initial cooker contrib - added S2, S3, S4, P0 & P1 with ideas from Michael Scherer