On Sunday 01 November 2009 21:18:15 Christian Seifert wrote: > Folks, > > after a year of silence, we are releasing a new version of Capture-HPC > 3.0.0 beta. The new functionality is a mix of some longer term efforts of > Ramon (Connection Monitor) and myself (pcap postprocessor) as well as > improvements that resulted from the Google Summer of Code project (DB > integration) by our student Van Lam Le (mentored by Peter Komisarczuk from > the New Zealand Honeynet Project Chapter). > > You can download the new version from the Beta Release section at > https://projects.honeynet.org/capture-hpc/wiki/Releases. > > Capture-HPC 3.0.0 contains the following new features: > + added connection monitor that can alert on connection/listening events on > the network. This could be used to identify attacks that merely reside in > memory. > + added support for a backend mysql or postgress database > + added post processor plugin architecture. Postprocessors allow to perform > actions on classified URLs. > + added a post processor that analyzes the network data of a classified > URL. It extracts DNS information, HTTP requests and determines whether any > domain name is part of a fast flux network. Note that this post processor > only works with a group size of 1. Otherwise the network of the entire > group is analyzed. > > It is a beta release and as such as not received as much testing as > official releases. I am getting this release in front of you all to > solicit some of your support in testing this beta prior to the official > release. I need a few volunteers that take a look at specific > functionality: > - DB integration mysql > - DB integration postgress > - Connection montior > - Pcap postprocessor > - regression > Pls reply to me directly if you can take on one of these areas, so I know > which ones get appropriate coverage. > > As you identify issues, pls file a ticket in our ticketing system at > https://projects.honeynet.org/capture-hpc/newticket. (be sure to select > version 3.0.0) > > We have done some cursory testing and already identified some issues, which > are listed under https://projects.honeynet.org/capture-hpc/report/2 . > > Christian > Hi everybody!
We have some doubts with capture2.6 and we would like to know if they have been solved in capture3.0. - Windows 7 is supported by Capture-3.0? - Sometimes the inclusion/exclusion lists are not working correctly. It seems a random behaviour, today is OK and maybe tomorrow Fails. Any suggestion? The syntax is OK, we can asure you that. - Finally, we have had some misterious problems with Vista environment, any Idea? That's all for today :) Thank you for you attention. Regards. -- _________________________________ Ferran Pichel Llaquet Analista en Seguridad CEH Dpto. de Auditoría fpic...@isecauditors.com Internet Security Auditors www.isecauditors.com c. Santander, 101. Edif. A. 2º E-08030 Barcelona (Spain) Tel: +34 93 305 13 18 Fax: +34 93 278 22 48 Pº. de la Castellana, 164-166. Entlo. 1ª E-28046 Madrid (Spain) Tel: +34 91 788 57 78 Fax: +34 91 788 57 01 ____________________________________ Este mensaje y los documentos que, en su caso lleve anexos, pueden contener información CONFIDENCIAL. Por ello, se informa al destinatario que la información contenida en el mismo es reservada y su uso no autorizado, publicación o difusión, entera o parcialmente, tanto en formato o medio físico como electrónico, sin el previo consentimiento de Internet Security Auditors, está prohibida legalmente. Si ha recibido este correo por error, le rogamos que nos lo comunique por la misma vía o por teléfono (+34 93 305 13 18), se abstenga derealizar copias del mensaje o remitirlo o entregarlo a otra persona y proceda a borrarlo de inmediato. En cumplimiento de la Ley Orgánica 15/1999 de 13 de diciembre de protección de datos de carácter personal, Internet Security Auditors, le informa de que sus datos personales se han incluido en ficheros informatizados titularidad de Internet Security Auditors, que será el único destinatario de dichos datos, y cuya finalidad exclusiva es la gestión de clientes y acciones de comunicación comercial, y de que tiene la posibilidad de ejercer los derechos de acceso, rectificación, cancelación y oposición previstos en la ley mediante carta dirigida a Internet Security Auditors, c. Santander, 101. Edif. A. 2º, E-08030 Barcelona, o vía e-mail a la siguiente dirección de correo: le...@isecauditors.com _______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
