the error msg indicates that you are already running a capture process. kill all java processes and retry...
On Thu, Nov 6, 2008 at 10:17 AM, admin [at] abuse.ch <[EMAIL PROTECTED]> wrote: > Hi there! > > I installed & configured Capture-HPC client and Capture-HPC server. When I > start the > capture server I always get the message "Waiting for input URLs..." and > after > a while "Client inactivity, reverting VM". Here are some information about > my > installation: > > Host system: Windows 2003 Server SP2 (German) > Capture-Server: 2.5.1 - 389 > VMware server: 1.0.7 > Java version: Java RE 6 Update 10 > MS Visual C++ 2008 Redistributable (9.0.21022) > IP address: 192.168.1.4 > > Guest system: Windows XP SP2 (English) > Capture-client: 2.5.1 - 389 > Java version: Java RE 6 Update 10 > MS Visual C++ 2008 Redistributable (9.0.21022) > IP address: 192.168.1.41 > > After I start the Capture Server (CaptureServer.jar) it reverts the VM and > starts a DOS-window on the guest system (capture-client): > > "C:\WINDOWS\system32>c:\progra~1\capture\CaptureClient.exe -s 192.168.1.4-p > 902 > -a 13220408 -b 31379709 1>c:\progra~1\capture\capture.log" > > After that, nothing happens. After a while the capture server reverts the > VM > again.... again... and again. Capture server output: > > "C:\honey>java -Djava.net.preferIPv4Stack=true -jar CaptureServer.jar -s > 192.168.1.4:902 -f C:\honey\input_uris.txt > PROJECT: Capture-HPC > VERSION: 2.5 > DATE: Apr 25, 2008 > > Capture-HPC is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License, V2 as published by > the Free Software Foundation. > > Capture-HPC is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License > along with Capture-HPC; if not, write to the Free Software > Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301,USA > > > Option added: server-listen-port => 902 > Option added: server-listen-address => 192.168.1.4 > Option added: input_urls => C:\honey\input_uris.txt > CaptureServer: exception - java.net.BindException: Address already in use: > JVM_B > ind > java.net.BindException: Address already in use: JVM_Bind > at java.net.PlainSocketImpl.socketBind(Native Method) > at java.net.PlainSocketImpl.bind(Unknown Source) > at java.net.ServerSocket.bind(Unknown Source) > at java.net.ServerSocket.<init>(Unknown Source) > at capture.ClientsController.run(ClientsController.java:39) > at java.lang.Thread.run(Unknown Source) > Validating config.xml ... > config.xml successfully validated > Option added: capture-network-packets-benign => false > Option added: capture-network-packets-malicious => false > Option added: client-default => iexplorebulk > Option added: client-default-visit-time => 20 > Option added: client_inactivity_timeout => 60 > Option added: collect-modified-files => false > Option added: different_vm_revert_delay => 24 > Option added: group_size => 20 > Option added: revert_timeout => 120 > Option added: same_vm_revert_delay => 6 > Option added: send-exclusion-lists => false > Option added: terminate => true > Option added: vm_stalled_after_revert_timeout => 120 > Option added: vm_stalled_during_operation_timeout => 300 > ExclusionList: file - FileMonitor.exl: File not found > ExclusionList: process - ProcessMonitor.exl: File not found > ExclusionList: registry - RegistryMonitor.exl: File not found > [192.168.1.4:902] VM added > [Nov 6, 2008 6:43:57 PM-192.168.1.4:902-8029412] VMSetState: > WAITING_TO_BE_REVERTED > PARSING PREPROCESSOR > n is null > Waiting for input URLs... > [Nov 6, 2008 6:43:59 PM-192.168.1.4:902-8029412] VMSetState: REVERTING > [Nov 6, 2008 6:44:22 PM-192.168.1.4:902-8029412] VMSetState: RUNNING > Reverting different VM...waiting considerably > [Nov 6, 2008 6:44:46 PM-192.168.1.4:902-8029412] Finished processing VM > item: revert > Waiting for input URLs... > [Nov 6, 2008 6:45:22 PM-192.168.1.4:902-8029412] Client inactivity, > reverting VM > [Nov 6, 2008 6:45:22 PM-192.168.1.4:902-8029412] VMSetState: > WAITING_TO_BE_REVERTED > [Nov 6, 2008 6:45:24 PM-192.168.1.4:902-8029412] VMSetState: REVERTING > [Nov 6, 2008 6:45:45 PM-192.168.1.4:902-8029412] VMSetState: RUNNING > Reverting same VM...just waiting a bit > [Nov 6, 2008 6:45:51 PM-192.168.1.4:902-8029412] Finished processing VM > item: revert > Waiting for input URLs... > [Nov 6, 2008 6:46:45 PM-192.168.1.4:902-8029412] Client inactivity, > reverting VM > [Nov 6, 2008 6:46:45 PM-192.168.1.4:902-8029412] VMSetState: > WAITING_TO_BE_REVERTED > [Nov 6, 2008 6:46:46 PM-192.168.1.4:902-8029412] VMSetState: REVERTING" > > Capture server configuration (config.xml): > > "<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:noNamespaceSchemaLocation="config.xsd"> > <!-- version 2.5 --> > <global collect-modified-files="false" > client-default="iexplorebulk" > client-default-visit-time="20" > capture-network-packets-malicious="false" > capture-network-packets-benign="false" > send-exclusion-lists="false" > terminate="true" > group_size="20" > vm_stalled_after_revert_timeout="120" > revert_timeout="120" > client_inactivity_timeout="60" > vm_stalled_during_operation_timeout="300" > same_vm_revert_delay="6" > different_vm_revert_delay="24" > /> > > <exclusion-list monitor="file" file="FileMonitor.exl" /> > <exclusion-list monitor="process" file="ProcessMonitor.exl" /> > <exclusion-list monitor="registry" file="RegistryMonitor.exl" /> > > <!--preprocessor classname="example"> > <![CDATA[ > <example-config attribute1="1.0" > attribute2="40" attribute2="log/output.log"/> > ]]> > </preprocessor--> > > <!--virtual-machine-server type="mock-vm-server" address="127.0.0.1" > port="902" > username="User" password="Password"> > <virtual-machine vm-path="dummyPath" > > client-path="dummyClientPath" > username="User" > password="Password"/> > </virtual-machine-server--> > > <virtual-machine-server type="vmware-server" address="192.168.1.4" > port="902" > username="Administrator" password="hidden"> > <virtual-machine > vm-path="D:\VirutalWorld\honeyclient\WinXP_SP2_EN\WinXP.vmx" > > client-path="C:\Progra~1\capture\CaptureClient.bat" > username="Administrator" > password="hidden"/> > </virtual-machine-server> > </config>" > > Input_uris.txt (C:\honey\input_uris.txt): > > "#several urls. as shown below, one can specify a client application > identifier (iexplore) as well as overwrite the default visitation time for > the url > http://www.google.ch > http://www.google.at > http://www.google.com > http://www.google.de > http://www.google.fr > http://www.google.it > http://www.google.co.nz"; > > Applications.conf: > > "#[Client Name] [Client Path] (Download URL to temp directory and open > from there?) > firefox C:\Program Files\Mozilla Firefox\firefox.exe > opera C:\Program Files\Opera\opera.exe > acrobatreader C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe > yes" > > So whats the point? Can you help me? > > Regards > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > -- ---- Web: http://www.mcs.vuw.ac.nz/~cseifert PGP key http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
