Ferran, thanks for your feedback.
Re version 2.6 issues, I am unsure whether they will exist in 3.0 as
2.6 was never released and therefore didn't receive a lot of testing.
I would appreciate if you could take a look at 3.0 and let us know
(via a ticket) on whether you are still encountering these issues.
also to answer your question: 3.0 should work on win7. let us know if
you have any issues.
thanks
Christian
On Nov 2, 2009, at 5:02 AM, Ferran Pichel <fpic...@isecauditors.com>
wrote:
On Sunday 01 November 2009 21:18:15 Christian Seifert wrote:
Folks,
after a year of silence, we are releasing a new version of Capture-
HPC
3.0.0 beta. The new functionality is a mix of some longer term
efforts of
Ramon (Connection Monitor) and myself (pcap postprocessor) as well as
improvements that resulted from the Google Summer of Code project (DB
integration) by our student Van Lam Le (mentored by Peter
Komisarczuk from
the New Zealand Honeynet Project Chapter).
You can download the new version from the Beta Release section at
https://projects.honeynet.org/capture-hpc/wiki/Releases.
Capture-HPC 3.0.0 contains the following new features:
+ added connection monitor that can alert on connection/listening
events on
the network. This could be used to identify attacks that merely
reside in
memory.
+ added support for a backend mysql or postgress database
+ added post processor plugin architecture. Postprocessors allow to
perform
actions on classified URLs.
+ added a post processor that analyzes the network data of a
classified
URL. It extracts DNS information, HTTP requests and determines
whether any
domain name is part of a fast flux network. Note that this post
processor
only works with a group size of 1. Otherwise the network of the
entire
group is analyzed.
It is a beta release and as such as not received as much testing as
official releases. I am getting this release in front of you all to
solicit some of your support in testing this beta prior to the
official
release. I need a few volunteers that take a look at specific
functionality:
- DB integration mysql
- DB integration postgress
- Connection montior
- Pcap postprocessor
- regression
Pls reply to me directly if you can take on one of these areas, so
I know
which ones get appropriate coverage.
As you identify issues, pls file a ticket in our ticketing system at
https://projects.honeynet.org/capture-hpc/newticket. (be sure to
select
version 3.0.0)
We have done some cursory testing and already identified some
issues, which
are listed under https://projects.honeynet.org/capture-hpc/report/2 .
Christian
Hi everybody!
We have some doubts with capture2.6 and we would like to know if
they have
been solved in capture3.0.
- Windows 7 is supported by Capture-3.0?
- Sometimes the inclusion/exclusion lists are not working correctly.
It seems
a random behaviour, today is OK and maybe tomorrow Fails. Any
suggestion? The
syntax is OK, we can asure you that.
- Finally, we have had some misterious problems with Vista
environment, any
Idea?
That's all for today :) Thank you for you attention.
Regards.
--
_________________________________
Ferran Pichel Llaquet
Analista en Seguridad
CEH
Dpto. de Auditoría
fpic...@isecauditors.com
Internet Security Auditors
www.isecauditors.com
c. Santander, 101. Edif. A. 2º
E-08030 Barcelona (Spain)
Tel: +34 93 305 13 18
Fax: +34 93 278 22 48
Pº. de la Castellana, 164-166. Entlo. 1ª
E-28046 Madrid (Spain)
Tel: +34 91 788 57 78
Fax: +34 91 788 57 01
____________________________________
Este mensaje y los documentos que, en su caso lleve anexos, pueden
contener
información CONFIDENCIAL. Por ello, se informa al destinatario que la
información contenida en el mismo es reservada y su uso no autorizad
o,
publicación o difusión, entera o parcialmente, tanto en formato o me
dio físico
como electrónico, sin el previo consentimiento de Internet Security
Auditors,
está prohibida legalmente.
Si ha recibido este correo por error, le rogamos que nos lo
comunique por la
misma vía o por teléfono (+34 93 305 13 18), se abstenga derealizar
copias del
mensaje o remitirlo o entregarlo a otra persona y proceda a borrarlo
de
inmediato.
En cumplimiento de la Ley Orgánica 15/1999 de 13 de diciembre de pro
tección de
datos de carácter personal, Internet Security Auditors, le informa d
e que sus
datos personales se han incluido en ficheros informatizados
titularidad de
Internet Security Auditors, que será el único destinatario de dichos
datos, y
cuya finalidad exclusiva es la gestión de clientes y acciones de com
unicación
comercial, y de que tiene la posibilidad de ejercer los derechos de
acceso,
rectificación, cancelación y oposición previstos en la ley
mediante carta
dirigida a Internet Security Auditors, c. Santander, 101. Edif. A. 2
º, E-08030
Barcelona, o vía e-mail a la siguiente dirección de correo:
le...@isecauditors.com
_______________________________________________
Capture-HPC mailing list
Capture-HPC@public.honeynet.org
https://public.honeynet.org/mailman/listinfo/capture-hpc
_______________________________________________
Capture-HPC mailing list
Capture-HPC@public.honeynet.org
https://public.honeynet.org/mailman/listinfo/capture-hpc