honeywall roo 1
TRANSCRIPT
![Page 1: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/1.jpg)
Honeynet concepts and Honeywall Installa0on
講師 : 鄭毓芹 ( Julia Cheng)
![Page 2: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/2.jpg)
課程內容: • 課程目標: 課程介紹Honeynet Project 用於國際部屬的GDH 2 架構,並帶領學員實現學習如何利用誘捕網路誘捕網路攻擊與惡意程式。
• 課程內容: – Hands-‐on training environment – Honeypot and Honeynet Technology – Hand-‐On : Honeywall ROO v.1.4 Introduc0on, Install and Configure – Hand-‐On : Low interac0on honeypots (Nepenthes) – Hand-‐ On : High interac0on honeypots and Sebek – Incident analysis
2
![Page 3: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/3.jpg)
Thanks a lot …
• The training materials refer to “Hands On with the Honeywall and Virtual Honeynets” by David Watson from FIRST TC 02/12/2009 in Kuala Lumpur.
3
![Page 4: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/4.jpg)
Goals for training course
• Learn about honeynet technologies in a safe environment
• Gain an apprecia0on for how tools can help in opera0onal security and incident response
• Ask lots of ques0ons: this is a hands-‐on interac0ve session, so please say if stuck
4
![Page 5: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/5.jpg)
Your Experience?
• Command line UNIX / Linux? • Control and operate in VMWare Server? • IP networking? • Packet sniffing and network forensics? • Malware collec0on and binary analysis • Using Honeypots and honeynets
5
![Page 6: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/6.jpg)
Training Plaborm
• Everyone has the same training environment – WinXP and VMWare Server 1.0.9 – IP Address (140.110.126.x)(eth0) – the desktop PCs – Private VM LAN (vmnet8) – your personal NATed VMs
– Prebuilt VMs • Roo Honeywall v1.4 • Nepenthes v0.2.2 on Ubuntu Desktop 9.10 Honeypot • Ubuntu Server LAMP + Sebek v3 Honeypot • BackTrack agack host • Windows XP Professional SP3 Honeypot
6
![Page 7: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/7.jpg)
Honeynet Training Scenario
7
![Page 8: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/8.jpg)
Honeypot and Honeynet Technology
講師 : 鄭毓芹 ( Julia Cheng)
![Page 9: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/9.jpg)
Honeypot and Honeynet • A honeypot is an informa0on system resource whose value lies in unauthorized or illicit use of that resource
• Has no produc0on value, anything going to or from a honeypot is likely a probe, agack or compromise
• Primary value to most organiza0ons is informa0on
• A honeynet is a network of honeypots 9
![Page 10: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/10.jpg)
Honeypot and Honeynet (Cont.)
• Honeypot General Purpose : – Designed opera0on systems and services around your networks to be probed and hacked.
– All data collected is of high value and unpolluted
• What is Honeypot ? (單點)
– 模擬特定服務/系統弱點/特定功能,誘捕駭客攻擊
– 具資料捕捉機制,可收集攻擊資料,提供分析
– 具安全控管機制,避免被當作跳板。
10
![Page 11: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/11.jpg)
Honeypot and Honeynet (Cont.) • What is a Honeynet ?
– Include Honeywall / Low-‐Interac0on / High-‐interac0on honeypot
– It is an architecture, not a product or soiware – Populate with live systems – Once compromised, data is collected
to learn the tools, tac0cs, and mo0ves of the blackhat community.
• Value of Honeynet – Research : Iden0fy new tools and new
tac0cs, Profiling blackhats – Early warning and predic0on – Incident Response / Forensics – Self-‐defense
11
![Page 12: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/12.jpg)
Honeypot and Honeynet Type
• Low-‐interac0on (LI) – Emulates services, applica0ons, and OS’s – Low risk and easy to deploy/maintain, but – capture limited informa0on
• High-‐interac0on (HI) – Real services, applica0ons, and OS’s – Capture extensive informa0on, but higher risk and 0me intensive to maintain
12
![Page 13: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/13.jpg)
作業系統
Low-‐
InteracMonHoneypot
硬碟
本機其他的資源
高互動式
低互動式
在honeynet中使用防火牆來紀錄、捕捉攻擊行為
Low-‐InteracMon Hpneypot
Honeypot and Honeynet Type (Con.t)
![Page 14: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/14.jpg)
Honeynet Project Tools
• Honeywall CD ROM (高互動式) • Honeys0ck • Honeytrap (低互動式) • HIHAT (高互動式) • Nepenthes (低互動式) • HoneyC • Capture-‐HPC • Capture-‐BAT • Honeysnap • Tracker • Pehunter
• Sebek • PicViz • Honeymole • HoneyBow • Google Hack
Honeypot • Glastopf
14
![Page 15: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/15.jpg)
低互動式誘捕系統 – Honeyd (模擬作業系統與Service)
15
Internet
Router
192.168.0.1Linux
192.168.0.2FreeBSD
192.168.0.3Windows
192.1683.0.4NetBSD
192.168.0.0Honeyd系統
![Page 16: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/16.jpg)
低互動式誘捕系統– Nepenthes (模擬Windows 系統弱點)
16
![Page 17: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/17.jpg)
高互動式誘捕系統—HIHAT (將php套裝程式轉變為Honeypot)
• HIHAT 為一高互動式的網頁誘捕系統,可偵測多種網頁應用程式攻擊。
17
![Page 18: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/18.jpg)
高互動式誘捕系統 –Capture-‐HPC
n 定義: Honeyclient is an ac0ve security devices/applica0on in search of malicious servers that agack clients. n 為一主動式之誘捕系統,能夠模擬用戶端應用
程式與Server進行互動,根據互動結果能夠判斷Server為正常(Benign)或是異常(Malicious)
n Web Browser, FTP, SSH, Email, …
18
![Page 19: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/19.jpg)
互動式誘捕系統 –Capture-‐HPC (Cont.)
• Capture-‐HPC 為一高互動式的Client Honeypot,探測Malicious Web servers (監控Client-‐Side Agacks)
19
![Page 20: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/20.jpg)
足夠了嗎…..???
• Honeypot為單一資料收集點,所能收集到的資料非常有限,如何可以看到全面性且完整的駭客攻擊資訊?
• 多方面收集最新駭客攻擊手法、使用工具與目的
• 安全機制的加強
20
![Page 21: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/21.jpg)
What is Honeynet ? • 誘捕網路為一個完整的真實網路,主要開放給
駭客進行攻擊,並能夠藉由網路學習駭客的攻擊行為
• 誘捕網路(Honeynet)屬於一種高互動性的Honeypots,提供真實系統、應用程式及服務給攻擊者,因此能夠收集到珍貴的攻擊資訊。
• 藉由Honeynet環境建置,能夠對所有進出的流量加以收集與監控,加強安全機制保護
• 誘捕網路能夠收集全面性的攻擊資料,進行分析,進而學習駭客所用的工具與手法,甚至於駭客的攻擊的動機
21
![Page 22: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/22.jpg)
What is Honeynet ? (Cont.)
• 提供不同的設計當作陷阱,並沒有作任何引誘的駭客的額外機制,不會對駭客有一個反制的行為,只是去學習駭客的行為
• Honeynet其價值在於可以提供確實的risk與vulnerabilities給相關的安全組織
22
![Page 23: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/23.jpg)
Honeynet 說明示意圖
router
Host 1 Host N
...
Server 1 Server N
Honey Host 1Honey Host N
...
Management Host
eth1eth0
eth2HoneyWall
HoneyNet
...
23
![Page 24: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/24.jpg)
24
192.168.5.13Windows 2k
192.168.5.11RH7.3
管理者
Honeynet
Fedora code 1橋接式防火牆
1
1
192.168.6.110Data Server
192.168.5.12XP
0
2 1
IPS
Honeywall放大示意圖
Drop Replace
![Page 25: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/25.jpg)
誘捕網路(Honeynet)建構元件
• 防火牆 – 記錄了所有進出的連線並提供安全的保護
• 入侵偵側系統
– 記錄了網路上的流量且尋找攻擊和入侵的線索
• 日誌紀錄
– 所有的遠端連線的指令都能夠被記錄到系統日誌
• Honeypot – 設定好的Honeypot可為任何作業系統
25
![Page 26: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/26.jpg)
Honeynet的架構需求
• 資料捕捉機制 (Data Capture) – 偵測並捕獲所有攻擊流量
• 數據控制機制 (Data Control) – 降低風險,使的honeypot主機不會變成跳板
去攻擊其餘主機
• 數據分析機制 (Data Analysis) – 分析攻擊者到底做了什麼
26
![Page 27: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/27.jpg)
資料捕捉機制 (Data Capture)
• 對在Honeynet中的入侵者所有行為進行監測和記錄的工作
• 安全地記錄和儲存相關系統日誌資訊
• 較常使用元件:iptables、Snort、Sebek、p0f 、tcpdump
27
![Page 28: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/28.jpg)
數據控制機制 (Data Control)
• 對入侵者可能得到的權限及攻擊行為進行限制
• 防止Honeypot被駭客或惡意程式加以利用攻擊第三方
• 當開放的服務越多時,怎樣針對特定服務行為設定限制條件,並能夠學習與發現駭客的攻擊行為操作
• 較常使用元件:Snort_inline、IPtables 28
![Page 29: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/29.jpg)
數據控制機制 (Data Control) (Cont.)
29
No Data Control
Data Control
![Page 30: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/30.jpg)
數據分析機制 (Data Analysis)
• 對所捕獲的所有資料,事後進行分析研究
– Iptables 紀錄資料、Snort Alert 、Snort Log、Sebek鍵擊記錄資料、Snort_inline 紀錄 …. 等
30
![Page 31: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/31.jpg)
Honeywall ROO v.1.4 Introduc0on, Install and Configure
![Page 32: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/32.jpg)
Honeynet Training Scenario
32
![Page 33: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/33.jpg)
Honeywall CDROM ROO
• Honeynet Project所提供,主要將所有架設Honeynet所需要的系統、工具軟體與相關設定檔結合成ㄧ個可開機光碟,幫助使用者進行Honeynet的架設
• hgps://projects.honeynet.org/honeywall/
33
![Page 34: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/34.jpg)
34
![Page 35: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/35.jpg)
Honeywall overview
• Bootable CentOS 5.x CD-‐ROM • U0lizes exis0ng Honeynet data control and data capture technologies
• Iptables (custom Honeywall configura0on via rc.firewall)
• Snort + Snort-‐inline • TCP rate limi0ng + Sebek client
• Menu-‐driven and web based configura0on interfaces for easy remote configura0on
• Single configura0on file for interac0ve or automated configura0on deployment
35
![Page 36: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/36.jpg)
Honeywall Logical Components
36
資料捕捉機制: Firewall Log、Snort、Sebek 數據控制機制: Snort_inline、IPtables 數據分析機制: Walleye (Argus、Hflow2)d
![Page 37: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/37.jpg)
Data Control – Snort_inline與iptables
INTERNET
Honeywall
無設限條件
連線限制 過濾攻擊行為封包
Sendmail Mail Server
Oracle DataBaseServer
DNS Server
MS-SQL DataBase Server
Apache WebServer
Honeynet
37
![Page 38: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/38.jpg)
Data Control – Snort_inline與iptables
eth0
Iptables
eth1
Snort_inline
Honeywall
DropReplace
38
讓駭客能夠進來Honeynet 進行攻擊,但限制其出去 的行為
![Page 39: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/39.jpg)
Honeywall –Data Control ((Snort-‐Inline / Limits)
• Snort_inline (NIPS) – 對流出Honeywall的資料流 (Outbound Traffic)加
以限制
– 規則: Drop、Replace
• IPtables (Firewall) – 以Policy配合Snort_inline 對流出的Traffic加以控
制
39
![Page 40: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/40.jpg)
資料捕捉機制 (Data Capture)
• 資料捕捉是Honeynet的一個重要目的
• 主要捕捉三方面的資料加以記錄:
– Firewall Log:防火牆( IPtables)的日誌記錄
– Network Traffic:以Snort 搭配Tcpdump記錄資料流,並且以pcap格式儲存
– System Ac0vity:以Sebek 捕捉的系统活動
40
![Page 41: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/41.jpg)
Data Capture說明(1/4)
• 網路行為資料 – 網路流資料: Argus – 入侵檢測報警: Snort – 作業系統訊息: p0f
• 系統行為資料: – Process、文件、命令、鍵擊記錄:Sebek
• 網路原始資料 – 完整的資料流:tcpdump
41
![Page 42: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/42.jpg)
Data Capture說明(2/4)
eth0
Iptables
eth1
Snort_inline
Honeywall
Sebek Client
Logs
Standard Snort
Tcpdumplog file
Sebek Server
HoneypotDB
42
![Page 43: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/43.jpg)
Install Vmware
• 安裝Vmware-‐Server-‐1.0.9 版 • What is Vmware :
– VMware實際上也只是一種應用軟體,用於建構出虛擬機器,虛擬機器具有自己的虛擬化了的CPU、RAM、硬碟、光碟,甚至還有自己的BIOS。虛擬機器上可以安裝Windows、Linux等真實的操作系統,及各種應用程式。
• Vmware Networking Mode : • Bridge : 虛擬主機與真實網路連接 (VMnet0) • NAT:虛擬主機以NAT方式連接真實網路(VMnet8)
• Host Only: 虛擬主機網路不能和真實網路連接,而只能與Host Machine(真實主機)連接
43
![Page 44: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/44.jpg)
Honeywall Install
44
![Page 45: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/45.jpg)
45
![Page 46: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/46.jpg)
46
![Page 47: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/47.jpg)
47
![Page 48: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/48.jpg)
48
新增另外兩張網卡
![Page 49: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/49.jpg)
49
第⼀一張網卡: 接受外部Internet來的攻擊流量
![Page 50: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/50.jpg)
50
第⼆二張網卡: 傳送攻擊流量進⼊入Honeypot
![Page 51: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/51.jpg)
51
第三張網卡: 連接Honeywall 管理介⾯面
![Page 52: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/52.jpg)
52
載⼊入安裝印象檔
D:\Honeynet_Training\Image\roo-‐1.4.hw-‐20090425114542.iso
![Page 53: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/53.jpg)
53
![Page 54: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/54.jpg)
54
![Page 55: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/55.jpg)
55
![Page 56: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/56.jpg)
56
![Page 57: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/57.jpg)
57
![Page 58: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/58.jpg)
58
![Page 59: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/59.jpg)
59
![Page 60: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/60.jpg)
60
![Page 61: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/61.jpg)
61
![Page 62: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/62.jpg)
62
![Page 63: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/63.jpg)
63
![Page 64: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/64.jpg)
64
![Page 65: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/65.jpg)
65
![Page 66: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/66.jpg)
66
192.168.13.4 192.168.13. 6
![Page 67: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/67.jpg)
67
![Page 68: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/68.jpg)
68
![Page 69: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/69.jpg)
69
![Page 70: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/70.jpg)
70
![Page 71: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/71.jpg)
71
![Page 72: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/72.jpg)
72
![Page 73: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/73.jpg)
73
![Page 74: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/74.jpg)
74
![Page 75: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/75.jpg)
75
![Page 76: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/76.jpg)
76
![Page 77: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/77.jpg)
77
168.95.1.1
![Page 78: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/78.jpg)
78
![Page 79: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/79.jpg)
79
![Page 80: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/80.jpg)
80
honey
![Page 81: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/81.jpg)
81
honey
![Page 82: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/82.jpg)
82
![Page 83: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/83.jpg)
83
140.110.126.x
![Page 84: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/84.jpg)
84
![Page 85: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/85.jpg)
85
![Page 86: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/86.jpg)
86
![Page 87: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/87.jpg)
87
![Page 88: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/88.jpg)
88
![Page 89: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/89.jpg)
89
![Page 90: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/90.jpg)
90
![Page 91: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/91.jpg)
91
![Page 92: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/92.jpg)
92
![Page 93: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/93.jpg)
93
![Page 94: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/94.jpg)
94
![Page 95: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/95.jpg)
95
![Page 96: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/96.jpg)
96
![Page 97: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/97.jpg)
97
![Page 98: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/98.jpg)
98
![Page 99: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/99.jpg)
99
![Page 100: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/100.jpg)
100
![Page 101: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/101.jpg)
101
![Page 102: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/102.jpg)
102
![Page 103: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/103.jpg)
103
![Page 104: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/104.jpg)
104
![Page 105: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/105.jpg)
105
![Page 106: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/106.jpg)
106
168.95.1.1
![Page 107: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/107.jpg)
107
![Page 108: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/108.jpg)
108
![Page 109: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/109.jpg)
109
![Page 110: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/110.jpg)
110
![Page 111: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/111.jpg)
111
![Page 112: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/112.jpg)
112
![Page 113: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/113.jpg)
113
![Page 114: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/114.jpg)
114
![Page 115: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/115.jpg)
115
![Page 116: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/116.jpg)
116
![Page 117: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/117.jpg)
117
安裝完成,請先做Snapshot
![Page 118: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/118.jpg)
• Chkconfig是設定係統在不同runlevel之下所執行的服務,Chkconfig Level – Level 0﹕關機
– Level 1﹕單人模式
– Level 2﹕多人模式﹐沒有網路功能
– Level 3﹕完整多人模式﹐文字界面 – Level 4﹕保留 – Level 5﹕完整多人模式﹐圖形界面 – Level 6﹕重新開機
118
![Page 119: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/119.jpg)
Configure
119
![Page 120: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/120.jpg)
120
![Page 121: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/121.jpg)
121
![Page 122: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/122.jpg)
122
![Page 123: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/123.jpg)
123
![Page 124: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/124.jpg)
124
![Page 125: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/125.jpg)
125
![Page 126: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/126.jpg)
126
![Page 127: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/127.jpg)
127
![Page 128: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/128.jpg)
128
![Page 129: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/129.jpg)
129
![Page 130: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/130.jpg)
130
![Page 131: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/131.jpg)
131
![Page 132: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/132.jpg)
132
![Page 133: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/133.jpg)
133
![Page 134: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/134.jpg)
134
![Page 135: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/135.jpg)
135
![Page 136: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/136.jpg)
136
![Page 137: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/137.jpg)
137
![Page 138: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/138.jpg)
138
![Page 139: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/139.jpg)
139
![Page 140: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/140.jpg)
140
![Page 141: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/141.jpg)
141
![Page 142: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/142.jpg)
142
![Page 143: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/143.jpg)
143
![Page 144: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/144.jpg)
144
![Page 145: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/145.jpg)
145
![Page 146: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/146.jpg)
146
![Page 147: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/147.jpg)
147
![Page 148: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/148.jpg)
148
![Page 149: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/149.jpg)
149
![Page 150: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/150.jpg)
150
![Page 151: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/151.jpg)
151
![Page 152: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/152.jpg)
152
![Page 153: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/153.jpg)
153
![Page 154: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/154.jpg)
154
![Page 155: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/155.jpg)
Don’t re-‐configure your honeywall
155
![Page 156: Honeywall roo 1](https://reader035.vdocuments.pub/reader035/viewer/2022082204/55c5b1c5bb61eb441c8b47c8/html5/thumbnails/156.jpg)
Q & A