Sep-19-2020, 12:40 PM
Hi everyone,
I have been for some time developing a honeypot which one of its functions is to detect por scanning in the local network. This funcionality has been working for months but now it stops working from one day to another.
I use iptables to redirect every package receive to any port to a specific port and, after that, I listen to that port but it never get pass the socket.accept() and I do not understand what happens. I left here the iptables command:
iptables -t nat -A PREROUTING -d 192.168.1.66/32 -p tcp -m tcp --dport 1:65535 -j DNAT --to-destination 192.168.1.66:11944
And this is the python code:
I have been for some time developing a honeypot which one of its functions is to detect por scanning in the local network. This funcionality has been working for months but now it stops working from one day to another.
I use iptables to redirect every package receive to any port to a specific port and, after that, I listen to that port but it never get pass the socket.accept() and I do not understand what happens. I left here the iptables command:
iptables -t nat -A PREROUTING -d 192.168.1.66/32 -p tcp -m tcp --dport 1:65535 -j DNAT --to-destination 192.168.1.66:11944
And this is the python code:
socket.setdefaulttimeout(1)
s = socket.socket()
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) #I use this to allow me restart the socket
s.bind((192.168.1.66, 11944))
s.listen()
while something:
try:
s.accept()
# Some coding
except socket.timeout:
pass
s.shutdown(0)
s.close()Thanks