spacer [an error occurred while processing this directive]
Home
About the Project
Research Alliance
Challenges
Presentations
Whitepapers
Tools
Our Book
Funding/Donations
Mirrors

spacer
spacer  
Honeywall CDROM
spacer

The purpose of this section is to give you a technical summary of how the CDROM works, and critical issues you will need to consider. Please submit all bugs/corrections for this documentation or the Honeywall CDROM to our Bugzilla Server.

Last Modified: 16 November, 2006

2.0 Technical Summary

  1. How It Works
  2. Key Considerations
  3. Default Users

rule

2.1 How It Works
The Honeywall CDROM installs a honeywall to your local hard drive, overwriting and destroying any previously installed information. Your honeywall is based on Fedora Core 3 that has been miminized for security reasons and had additional Honeywall RPM's added. This gateway becomes a layer 2 bridging device that capture, controls, and analyzes all inbound and outbound traffic to your honeypots. Keep in mind, the CDROM only creates your honeywall gateway, you still have to provide the honeypots.

Installation should be as simple as booting from the CDROM then hitting the Enter key, allowing the fully automated install process to begin. After installation, you will have to go through an Intial Setup process to configure your honeywall gateway for the first time. Once configured and deployed, you have three options on how to administer the system, a command line utility called hwctl, a dialog menu, and the GUI based browser interface called Walleye. In addition, Walleye supports a data analysis interface, however remote access is required for this Walleye, as the honeywall does not support any local windowing capabilities. Also, your honeywall automatically updates itself every day using yum(8), as it will check for, download, and install all the latest OS and honeywall RPM's.

rule

2.2 Key Considerations
These are key issues when decdiding to deploy your Honeywall.

  • The minimum number of Network Interface Cards is 2. However, if you want to have remote management and automated updating capabilities, including the use of the Walleye web interface, then you must have a 3rd NIC installed (this is highly recommended).

rule

2.3 Default Users
Once installed, your honeywall will have default users. The password for ALL of these accounts is honey. Its HIGHLY recommended you change these passwords. You can change the local OS passwords during the initial configuration process.

  • Default local OS user is roo.
  • Default local OS privileged user is root.
  • Default user for Walleye web interface is roo.
rule


<-Back Home Next->


Back to Top