bportmapd - a portmap emulation service

Brian Caswell <bmc@snort.org>
[ Address Removed.  Niels Provos ]

INCLUDED FILES:

README               - This file
bportmapd            - The actual honeyd service (FYI, works fine in inetd too)
docs/bportmapd.1     - documentation for bportmapd (in man format)
docs/bportmapd.txt   - documentation for bportmapd (in text format)
docs/bportmapd.pod   - documentation for bportmapd (in pod format)

contrib/gen-config   - the script I use to generate a honeyd configuration
contrib/start        - the script I use to start honeyd for testing
etc/config           - the configuration I use for testing

hosts/debian         - rpcinfo dump from my debian box
hosts/solaris-2.7    - rpcinfo dump from my solaris 2.7 box
hosts/openbsd-2.8    - rpcinfo dump from my openbsd 2.8 box


NOTES:

I have been using bportmapd for the last three weeks.  I use it to emulate 
portmapd and RPC services that I have for vulnerabilities for which I have 
exploits but not vulnerable servers while I am writing snort rules.  I have 
been able to f ool statd, tooltalk, rquota, and sadmind exploits into firing 
on bportmapd which logs the full request in HEX format (which makes writing 
snort rules easy :P)
