####################################################################
Filename: MENU
Source 0: /CDROM
Source 1: http://www.honeynet.org/tools/cdrom/roo/
#####################################################################
The Honeynet Project and the Research Alliance
Honeywall CDROM Documentation
Last Updated: 24 March, 2005
PURPOSE
=======
This document explains how to use the Dialog Menu for both configuration
and administration purposes. This is no longer considered the primary
method of maintaining your Honeywall, as the new Walleye interface is
considered a superior option.
OVERVIEW
========
The Main Menu has 5 options. From these 5 options it is possible to
configure and maintain the Honeynet gateway. We have attempted to simplify
the deployment process as much as possible by minimizing interaction
directly with the OS. Whenever an option is highlighted within the menu,
the explanation of that option will be displayed at the bottom of the
screen. Submenus, always present the option of navigating back to the
previous menu. Remember, all variables are stored in a proc like
filesystem (/hw/conf). Changes are saved when you leave the menu.
The menu interface is based on a series of dialog scripts. All scripts
can be found in the /dlg directory. The 5 main Menu options are:
MAIN MENU - (/dlg/dialogmenu.sh)
=========
1 Status
2 OS Administration
3 Honewyall Administration
4 Honeywall Configuration
5 Documentation
6 Exit
STATUS - (/dlg/Status.sh)
======
This is used to determine what the status is of both the operating system
and the Honeywall. Options are
1 Return to main menu
2 Network Interface
3 Honeywall.conf
4 Firewall Rules
5 Running processes
6 Listening ports
7 Snort_inline Alerts-fast
8 Snort_inline Alerts-full
9 Snort Alerts
10 System Logs
11 Inbound Connections
12 Outbound Connections
13 Dropped Connections
14 tcpdstat Traffic Statistics
15 Argus Flow Summaries
16 Tracked Connections
OS ADMINISTRATION - (/dlg/Administration-menu.sh)
=================
Used to change or modify the behavior of the base operating system.
Seperate OS Admin scripts found in /dlg/admin.
1 Back to main menu
2 Clean out Honeywall directories
3 Configure SSH daemon
1 Back to OS Administration Menu
2 Listen on port number
3 Permit remote root login
4 Run SSHD at startup
5 Commit changes and restart SSHD
4 Change Hostname
5 Add User
6 Change Root Password
7 Prepare drive for re-initialization
8 Initialize Drive
9 Create Honeywall directories
10 Reboot Honeywall
HONEYWALL ADMINISTRATION - (/dlg/HoneyAdmin.sh)
========================
Used to execute functionality on the Honeywall. Seperate Honeywall
Admin scripts found in /dlg/operations.
1 Return to main menu
2 Manage configuration subsystem
3 Emergency Lockdown
4 Activate Honeywall
5 Reload Honeywall
6 Reload Snort
7 Reload Snort-Inline
8 Reload Firewall
HONEYWALL CONFIGURATION - (/dlg/HoneyConfig.sh)
=======================
Used to change or modify the configuration of the Honeywall. Any
changes made take effect upon leaving the menu. Seperate scripts
found in /dlg/config.
1 Return to main menu
2 Mode and IP Information Variables - (/dlg/config/ManageIfaceConfig.sh)
1 Back to Honeywall Configuration menu
2 Honeywall Mode
3 Public IP Address
4 Honeypot Private IP Address (NAT mode only)
5 Public Netmask (NAT mode only - for IP alias)
6 Internet Interface
7 Internal Interface
8 LAN Broadcast Address
9 LAN CIDR Prefix
3 Remote Management - (/dlg/config/ManagementOpts.sh)
1 Back to Honeywall Configuration menu
2 Management IP
3 Management Netmask
4 Management Gateway
5 Management DNS Servers
6 Manager
7 Allowed Inbound TCP
8 Restrict Honeywall Outbound Traffic
9 Honeywall Allowed Outbound TCP
10 Honeywall Allowed Outbound UDP
4 Connection Limiting - (/dlg/config/ConnectionLimit.sh)
1 Back to Honeywall Configuration menu
2 Scale
3 TCP Limit
4 UDP Limit
5 ICMP Limit
6 All Other Protocol Limit
5 DNS Handling - (/dlg/config/DNSConfig.sh)
1 Back to Honeywall Configuration menu
2 Honeypot(s) allowed unlimited external DNS
3 Valid external DNS Servers
6 Alerting - (/dlg/config/Email.pl)
1 Add email address
2 Start alerting automatically?
7 Snort_inline
1 Select Snort-Inline Ruleset
1 Drop
2 Reject
3 Replace
2 Enable Snort-Inline
3 Disable Snort-Inline
8 Honeywall Upload
1 Return to Honeywall Configuration
2 Hostname
3 Port
4 Username
5 Syslog Archive Level
6 Upload Firewall Logs
7 Upload Pcap Logs
8 Obfuscate Logs
9 Obfuscation Fake Network
11 Enable
9 Honeywall Summary
1 Return to Honeywall Configuration
2 Honeynet
10 Black and White List
1 Back to Honeywall Configuration menu
2 Black List Filenname
3 White List Filename
4 Enable Black and White List
5 Disable Black and White List
11 Outbound Fence List
1 Back to Honeywall Configuration menu
2 Fence List Filename
3 Enable/Reload Fence List
4 Disable Fence List
12 Sebek
1 Drop
2 Drop and Log
3 Accept
4 Accept and Log
13 Reconfigure System
1 Floppy
2 Defaults
3 Interview
DOCUMENTATION - (/dlg/Documentation-menu.sh)
=============
1 Back to main menu
2 view README.1st
3 view LICENSE
6 view INTERNALS
7 view CUSTOMIZE
8 view ChangeLog
11 view TODO
Please send all feedback to <project@@honeynet.org> and report all
bugs at https://bugs.honeynet.org.