Rin, I am unsure what VMware version Capture-HPC you are using was compiled for. I would recommend for you to recompile capture-server and give it another try. There are instructions in the compile readme.
Christian 2009/10/22 Rin <112tot...@paran.com> > Hi Christina, > > > > I am Rin. I sent my help email to CaptureHpc mailling list. But I > haven't get the comments yet. > > Could you give me some commemts about this problem. > > > > Thank you so much. > > > > > ---------- [ Original Message ] ---------- > > *Subject:* [help]Capture server cannot connet to captuer. VMware error 255 > > *Date:* Fri, 23 Oct 2009 04:20:29 +0900 > > *From:* "Rin" <112tot...@paran.com> > > *To:* <capture-hpc-requ...@public.honeynet.org> > Hi all, > > I am Rin. I installed capture server and capture, but capture server can't > connect to capture. > > Capture server is Fedora core 9 (2.6.25-14.fc9.i686) > capture is on WinXP SP2. > Vmware Server is version 1.0.6. > > > When I installed Vmware server, it didn't have the step to ask who is the > administrator for VMware server. > So, I gave one of IDs and passwords for host machine to the config.xml. > Is that right? > > I opened port 904 and 7070 from firewall on Guest OS(capture side). > When I ran capture server, VM didn't revert. > > During Captuer server was conneting to capture, I checked "netstat". > The test message of Capture server didn't have port 904, but have 7070, and > capture also didn't have port 904, 7070. > > The telnet 904 message from capture to server is "220 VMware Authentication > Daemon Version 1.10: SSL Required, MKSDisplayProtocol: > VNC". > > I need your help. Thank you... > > java -Djava.net.preferIPv4Stack=true -jar CaptureServer.jar -s > 203.222.240.5:7070 -f input_urls.txt > > ------- result > > Option added: server-listen-port => 7070 > Option added: server-listen-address => 203.222.240.5 > Option added: input_urls => input.list > CaptureServer: Listening for connections > Validating config.xml ... > config.xml successfully validated > Option added: capture-network-packets-benign => false > Option added: capture-network-packets-malicious => false > Option added: client-default => iexplore > Option added: client-default-visit-time => 10 > Option added: client_inactivity_timeout => 60 > Option added: collect-modified-files => false > Option added: different_vm_revert_delay => 24 > Option added: group_size => 50 > Option added: revert_timeout => 120 > Option added: same_vm_revert_delay => 6 > Option added: send-exclusion-lists => false > Option added: terminate => true > Option added: vm_stalled_after_revert_timeout => 120 > Option added: vm_stalled_during_operation_timeout => 300 > ExclusionList: file - FileMonitor.exl: File not found > ExclusionList: process - ProcessMonitor.exl: File not found > ExclusionList: registry - RegistryMonitor.exl: File not found > [203.222.240.5:904] VM added > [10월 23, 2009 3:39:02 오전-203.222.240.5:904-1603604] VMSetState: > WAITING_TO_BE_REVERTED > PARSING PREPROCESSOR > n is null > Waiting for input URLs... > ExclusionList: registry - RegistryMonitor.exl: File not found > [10월 23, 2009 3:39:05 오전-203.222.240.5:904-1603604] VMSetState: REVERTING > VIX Error on connect in connect: The system returned an error. > Communication with the virtual machine may have been interrupted > E Disconnected > [10월 23, 2009 3:39:06 오전 203.222.240.5:904-1603604] VMware error 255 > [10월 23, 2009 3:39:06 오전-203.222.240.5:904-1603604] VMSetState: ERROR > Reverting different VM...waiting considerably > [10월 23, 2009 3:39:30 오전-203.222.240.5:904-1603604] Finished processing VM > item: revert > Waiting for input URLs... > Waiting for input URLs... > [10월 23, 2009 3:41:06 오전-203.222.240.5:904-1603604] VM stalled, reverting > VM > [10월 23, 2009 3:41:06 오전-203.222.240.5:904-1603604] VMSetState: > WAITING_TO_BE_REVERTED > [10월 23, 2009 3:41:07 오전-203.222.240.5:904-1603604] VMSetState: REVERTING > VIX Error on connect in connect: The system returned an error. > Communication with the virtual machine may have been interrupted > E Disconnected > [10월 23, 2009 3:41:08 오전 203.222.240.5:904-1603604] VMware error 255 > [10월 23, 2009 3:41:08 오전-203.222.240.5:904-1603604] VMSetState: ERROR > Reverting same VM...just waiting a bit > [10월 23, 2009 3:41:14 오전-203.222.240.5:904-1603604] Finished processing VM > item: revert > Waiting for input URLs... > > ---------config.xml > > <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:noNamespaceSchemaLocation="config.xsd"> > <!-- version 2.5 --> > <global collect-modified-files="false" > client-default="iexplore" > client-default-visit-time="10" > capture-network-packets-malicious="false" > capture-network-packets-benign="false" > send-exclusion-lists="false" > terminate="true" > group_size="50" > vm_stalled_after_revert_timeout="120" > revert_timeout="120" > client_inactivity_timeout="60" > vm_stalled_during_operation_timeout="300" > same_vm_revert_delay="6" > different_vm_revert_delay="24" > /> > > <exclusion-list monitor="file" file="FileMonitor.exl" /> > <exclusion-list monitor="process" file="ProcessMonitor.exl" /> > <exclusion-list monitor="registry" file="RegistryMonitor.exl" /> > > > <virtual-machine-server type="vmware-server" > address="203.222.240.5" port="904" > username="one of IDs of my Server" password="one of > Password of my Server"> > <virtual-machine vm-path="/var/lib/vmware/Virtual > Machines/WindowXP SP2/WindowXP2.vmx" > > client-path="C:\Progra~1\Capture\CaptureClient.bat" > username="ID" > password="Passowrd"/> > </virtual-machine-server> > </config> > > > > <http://mailintro.paran.com/event/sms/?p_eye=mail%5Esms%5Esms%5Emai%5Ebanner_0501> > > <http://mailintro.paran.com/event/sms/?p_eye=mail%5Esms%5Esms%5Emai%5Ebanner_0501> > -- ---- Web: http://www.ecs.vuw.ac.nz/Main/GradChristianSeifert PGP key http://homepages.ecs.vuw.ac.nz/~cseifert/pgpkey.txt Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
