Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: Elastichoney shows false destination IP and source port #378

Open
Philelis opened this issue Mar 13, 2017 · 1 comment
Open

Bug: Elastichoney shows false destination IP and source port #378

Philelis opened this issue Mar 13, 2017 · 1 comment
Labels
enhancement

Comments

@Philelis
Copy link

Hey,
I tested Elastichoney and saw a false destination_ip. It is every time 1.1.1.1, which is definitely not the IP of the destination. Can someone reproduce this error? I think there is the same issue with source_port.

{ "_id" : ObjectId(""), "destination_ip" : "1.1.1.1", "protocol" : "http", "hpfeed_id" : ObjectId(""), "timestamp" : ISODate("2017-03-13T12:16:35.071Z"), "source_ip" : "192.168.122.1", "source_port" : 0, "destination_port" : 9200, "identifier" : "", "honeypot" : "elastichoney" }

Thanks a lot 👍
@Philelis
Copy link
Author

Philelis commented Mar 14, 2017
edited
Loading

Fix for IP address is in Pull Request #3 from Threatstream/elastichoney. I don't know where to find port.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@d1str0 @Philelis