The capture-client looks at the effects of an successful attack. If you choose to use a patched system, the success rate is greatly reduced and you would only find zero-day attacks. (I personally have not come across a zero-day yet), so I would recommend you use a vulnerable system. On Windows XP SP2, you should get about 1 attack per 1000 URLs on average.
Christian On Fri, Aug 22, 2008 at 1:25 PM, Matthias Luft < [EMAIL PROTECTED]> wrote: > Ok, that would explain it ;-) > > Isn't it important for the Capture-Client to run on a vulnerable system? Or > does the Client catch all malicious access in any case? > > Thank you & regards, > Matthias > > Christian Seifert wrote: > >> capture 2.5 needs windows xp sp2 and c++ redist 2008 SP0. >> Christian >> >> On Fri, Aug 22, 2008 at 3:01 AM, Matthias Luft < >> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> >> wrote: >> >> Hi, >> >> I'm running into some trouble running the beta: >> "The system cannot execute the specified program." on the client >> system, the same error as when missing the SP1 for the C++ >> redistributable, but this one is definitely installed. >> >> Here are the corresponding configs: >> config.xml: >> client-path="C:\Progra~1\Capture\CaptureClient.bat" >> CaptureClient.bat: >> c:\progra~1\Capture\CaptureClient.exe %1 %2 %3 %4 %5 %6 %7 %8 > >> c:\progra~1\Capture\capture.log >> >> The paths are correct, do I need to install any further >> dependencies like the SP1 for C++? >> >> Thank you & regards, >> Matthias >> >> >> Christian Seifert wrote: >> >> Folks, I am just checking in to see whether anybody had a >> chance to look at Capture-HPC 2.5 Beta1 I sent out last >> week...if we get a few to take a look at it, we could release >> it to the public sometime the end of this week. >> Let me know- >> Christian >> >> -- ---- >> Web: >> http://www.mcs.vuw.ac.nz/~cseifert<http://www.mcs.vuw.ac.nz/%7Ecseifert> >> <http://www.mcs.vuw.ac.nz/%7Ecseifert> >> <http://www.mcs.vuw.ac.nz/%7Ecseifert> >> >> PGP key >> >> http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt<http://www.mcs.vuw.ac.nz/%7Ecseifert/pgpkey.txt> >> <http://www.mcs.vuw.ac.nz/%7Ecseifert/pgpkey.txt> >> <http://www.mcs.vuw.ac.nz/%7Ecseifert/pgpkey.txt> >> >> Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB >> 0583 B046 BAEF >> >> ------------------------------------------------------------------------ >> >> >> >> _______________________________________________ >> Capture-HPC mailing list >> Capture-HPC@public.honeynet.org >> <mailto:Capture-HPC@public.honeynet.org> >> https://public.honeynet.org/mailman/listinfo/capture-hpc >> >> >> >> _______________________________________________ >> Capture-HPC mailing list >> Capture-HPC@public.honeynet.org >> <mailto:Capture-HPC@public.honeynet.org> >> https://public.honeynet.org/mailman/listinfo/capture-hpc >> >> >> >> >> -- >> ---- >> Web: >> http://www.mcs.vuw.ac.nz/~cseifert<http://www.mcs.vuw.ac.nz/%7Ecseifert>< >> http://www.mcs.vuw.ac.nz/%7Ecseifert> >> >> PGP key >> http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt<http://www.mcs.vuw.ac.nz/%7Ecseifert/pgpkey.txt>< >> http://www.mcs.vuw.ac.nz/%7Ecseifert/pgpkey.txt> >> Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Capture-HPC mailing list >> Capture-HPC@public.honeynet.org >> https://public.honeynet.org/mailman/listinfo/capture-hpc >> >> > > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > > -- ---- Web: http://www.mcs.vuw.ac.nz/~cseifert PGP key http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
