####################################################################
Filename: MENU
Source 0: /CDROM
Source 1: http://www.honeynet.org/tools/cdrom/roo/
#####################################################################


    The Honeynet Project and the Research Alliance
             Honeywall CDROM Documentation

                Last Updated: 24 March, 2005



PURPOSE
=======
This document explains how to use the Dialog Menu for both configuration 
and administration purposes.  This is no longer considered the primary
method of maintaining your Honeywall, as the new Walleye interface is
considered a superior option.


OVERVIEW
========
The Main Menu has 5 options.  From these 5 options it is possible to 
configure and maintain the Honeynet gateway.  We have attempted to simplify 
the deployment process as much as possible by minimizing interaction 
directly with the OS.  Whenever an option is highlighted within the menu, 
the explanation of that option will be displayed at the bottom of the 
screen.  Submenus always present the option of navigating back to the 
previous menu.  Remember, all variables are stored in a proc-like 
filesystem (/hw/conf).  Changes are saved when you leave the menu.

The menu interface is based on a series of dialog scripts.  All scripts 
can be found in the /dlg directory.  The 5 main Menu options are:
 
MAIN MENU - (/dlg/dialogmenu.sh)
========= 
  1 Status  
  2 OS Administration
  3 Honeywall Administration
  4 Honeywall Configuration
  5 Documentation
  6 Exit

STATUS - (/dlg/Status.sh)
======
This is used to determine the status of both the operating system 
and the Honeywall.  Options are:

  1  Return to main menu
  2  Network Interface
  3  Honeywall.conf
  4  Firewall Rules
  5  Running processes
  6  Listening ports
  7  Snort_inline Alerts-fast  
  8  Snort_inline Alerts-full  
  9  Snort Alerts
  10 System Logs
  11 Inbound Connections
  12 Outbound Connections
  13 Dropped Connections
  14 tcpdstat Traffic Statistics
  15 Argus Flow Summaries
  16 Tracked Connections

OS ADMINISTRATION - (/dlg/Administration-menu.sh)
=================
Used to change or modify the behavior of the base operating system.  
Separate OS Admin scripts are found in /dlg/admin.

  1  Back to main menu
  2  Clean out Honeywall directories
  3  Configure SSH daemon 
       1 Back to OS Administration Menu
       2 Listen on port number
       3 Permit remote root login
       4 Run SSHD at startup
       5 Commit changes and restart SSHD
  4  Change Hostname
  5  Add User
  6  Change Root Password
  7  Prepare drive for re-initialization
  8  Initialize Drive 
  9  Create Honeywall directories
  10 Reboot Honeywall

HONEYWALL ADMINISTRATION - (/dlg/HoneyAdmin.sh)
========================
Used to execute functionality on the Honeywall.  Separate Honeywall 
Admin scripts are found in /dlg/operations.

  1 Return to main menu
  2 Manage configuration subsystem
  3 Emergency Lockdown
  4 Activate Honeywall
  5 Reload Honeywall
  6 Reload Snort
  7 Reload Snort-Inline
  8 Reload Firewall

HONEYWALL CONFIGURATION - (/dlg/HoneyConfig.sh)
=======================
Used to change or modify the configuration of the Honeywall.  Any 
changes made take effect upon leaving the menu.  Separate scripts 
are found in /dlg/config.

  1 Return to main menu
  2 Mode and IP Information Variables - (/dlg/config/ManageIfaceConfig.sh)
      1 Back to Honeywall Configuration menu
      2 Honeywall Mode
      3 Public IP Address
      4 Honeypot Private IP Address (NAT mode only)
      5 Public Netmask (NAT mode only - for IP alias)
      6 Internet Interface
      7 Internal Interface
      8 LAN Broadcast Address
      9 LAN CIDR Prefix

  3 Remote Management - (/dlg/config/ManagementOpts.sh)
      1  Back to Honeywall Configuration menu
      2  Management IP
      3  Management Netmask
      4  Management Gateway
      5  Management DNS Servers
      6  Manager
      7  Allowed Inbound TCP
      8  Restrict Honeywall Outbound Traffic
      9  Honeywall Allowed Outbound TCP
      10 Honeywall Allowed Outbound UDP

  4 Connection Limiting - (/dlg/config/ConnectionLimit.sh)
      1 Back to Honeywall Configuration menu
      2 Scale
      3 TCP Limit
      4 UDP Limit
      5 ICMP Limit
      6 All Other Protocol Limit

  5 DNS Handling - (/dlg/config/DNSConfig.sh)
      1 Back to Honeywall Configuration menu
      2 Honeypot(s) allowed unlimited external DNS
      3 Valid external DNS Servers 

  6 Alerting - (/dlg/config/Email.pl)
      1 Add email address
      2 Start alerting automatically?

  7 Snort_inline 
      1 Select Snort-Inline Ruleset 
          1 Drop
          2 Reject
          3 Replace
      2 Enable Snort-Inline
      3 Disable Snort-Inline

  8 Honeywall Upload
      1 Return to Honeywall Configuration
      2 Hostname
      3 Port
      4 Username
      5 Syslog Archive Level
      6 Upload Firewall Logs
      7 Upload Pcap Logs
      8 Obfuscate Logs
      9 Obfuscation Fake Network
      11 Enable

  9 Honeywall Summary
      1 Return to Honeywall Configuration
      2 Honeynet

  10 Black and White List
      1 Back to Honeywall Configuration menu
      2 Black List Filename
      3 White List Filename
      4 Enable Black and White List
      5 Disable Black and White List
  
  11 Outbound Fence List
      1 Back to Honeywall Configuration menu
      2 Fence List Filename
      3 Enable/Reload Fence List
      4 Disable Fence List

  12 Sebek 
      1 Drop
      2 Drop and Log
      3 Accept
      4 Accept and Log

  13 Reconfigure System
      1 Floppy
      2 Defaults
      3 Interview


DOCUMENTATION - (/dlg/Documentation-menu.sh)
=============
    1  Back to main menu
    2  view README.1st   
    3  view LICENSE
    6  view INTERNALS    
    7  view CUSTOMIZE
    8  view ChangeLog    
    11 view TODO

  Please send all feedback to <project@honeynet.org> and report all
  bugs at https://bugs.honeynet.org.