The purpose of this section is to give you a technical summary of how the CDROM works,
and critical issues you will need to consider.
Please submit all bugs/corrections for this documentation or the Honeywall
CDROM to our Bugzilla Server.
Last Modified: 25 May, 2007
2.0 Technical Summary
- How It Works
- Key Considerations
- Default Users
2.1 How It Works
The Honeywall CDROM installs a honeywall to your local hard drive,
overwriting and destroying any previously installed information. Your
honeywall is based on Fedora Core 6 that has been miminized for security
reasons and had additional
Honeywall RPM's added.
This gateway becomes a layer 2 bridging device that capture, controls, and analyzes
all inbound and outbound traffic to
your honeypots. Keep in mind, the CDROM only creates your honeywall gateway,
you still have to provide the honeypots.
Installation should be as simple as booting from the CDROM then hitting the
Enter key, allowing the fully automated
install process to begin. After installation, you will have to go through an
Intial Setup process to configure your honeywall gateway for the first time.
Once configured and deployed, you have three options on how to administer the
system, a command line utility called hwctl, a dialog menu, and the
GUI based browser interface called Walleye. In addition, Walleye
supports a data analysis interface, however remote access is required for
this Walleye, as the honeywall does not support any local windowing capabilities.
Also, your honeywall can be configured to automatically updates itself every
day using yum(8) to check for, download, and install all the latest
OS and honeywall RPM's.
2.2 Key Considerations
These are key issues when decdiding to deploy your Honeywall.
- The minimum number of Network Interface Cards is two: one card to connect to the internal, honeynet network and another to connect to the external network/Internet. If you want
to have remote management and automated updating capabilities,
including the use of the Walleye web interface, then you must have a 3rd NIC
installed (this is highly recommended).
2.3 Default Users
Once installed, your honeywall will have default users. The
password for ALL of these accounts is honey. Its HIGHLY
recommended you change these passwords. You can change the local OS
passwords during the initial configuration process; the Walleye password
can be changed the first time you log into the web interface.
- Default local OS user is roo.
- Default local OS privileged user is root.
- Default user for Walleye web interface is roo.
<-Back Home Next->