Ferran, thanks for your feedback.

Re version 2.6 issues, I am unsure whether they will exist in 3.0 as 2.6 was never released and therefore didn't receive a lot of testing.

I would appreciate if you could take a look at 3.0 and let us know (via a ticket) on whether you are still encountering these issues.

also to answer your question: 3.0 should work on win7. let us know if you have any issues.

thanks
Christian



On Nov 2, 2009, at 5:02 AM, Ferran Pichel <fpic...@isecauditors.com> wrote:

On Sunday 01 November 2009 21:18:15 Christian Seifert wrote:
Folks,

after a year of silence, we are releasing a new version of Capture- HPC 3.0.0 beta. The new functionality is a mix of some longer term efforts of
Ramon (Connection Monitor) and myself (pcap postprocessor) as well as
improvements that resulted from the Google Summer of Code project (DB
integration) by our student Van Lam Le (mentored by Peter Komisarczuk from
the New Zealand Honeynet Project Chapter).

You can download the new version from the Beta Release section at
https://projects.honeynet.org/capture-hpc/wiki/Releases.

Capture-HPC 3.0.0 contains the following new features:
+ added connection monitor that can alert on connection/listening events on the network. This could be used to identify attacks that merely reside in
memory.
+ added support for a backend mysql or postgress database
+ added post processor plugin architecture. Postprocessors allow to perform
actions on classified URLs.
+ added a post processor that analyzes the network data of a classified URL. It extracts DNS information, HTTP requests and determines whether any domain name is part of a fast flux network. Note that this post processor only works with a group size of 1. Otherwise the network of the entire
group is analyzed.

It is a beta release and as such as not received as much testing as
official releases. I am getting this release in front of you all to
solicit some of your support in testing this beta prior to the official
release. I need a few volunteers that take a look at specific
functionality:
- DB integration mysql
- DB integration postgress
- Connection montior
- Pcap postprocessor
- regression
Pls reply to me directly if you can take on one of these areas, so I know
which ones get appropriate coverage.

As you identify issues, pls file a ticket in our ticketing system at
https://projects.honeynet.org/capture-hpc/newticket. (be sure to select
version 3.0.0)

We have done some cursory testing and already identified some issues, which
are listed under https://projects.honeynet.org/capture-hpc/report/2 .

Christian

Hi everybody!

We have some doubts with capture2.6 and we would like to know if they have
been solved in capture3.0.

- Windows 7 is supported by Capture-3.0?
- Sometimes the inclusion/exclusion lists are not working correctly. It seems a random behaviour, today is OK and maybe tomorrow Fails. Any suggestion? The
syntax is OK, we can asure you that.
- Finally, we have had some misterious problems with Vista environment, any
Idea?

That's all for today :) Thank you for you attention.

Regards.
--
_________________________________
Ferran Pichel Llaquet
Analista en Seguridad
CEH
Dpto. de Auditoría
fpic...@isecauditors.com

Internet Security Auditors
www.isecauditors.com

c. Santander, 101. Edif. A. 2º
E-08030 Barcelona (Spain)
Tel: +34 93 305 13 18
Fax: +34 93 278 22 48

Pº. de la Castellana, 164-166. Entlo. 1ª
E-28046 Madrid (Spain)
Tel: +34 91 788 57 78
Fax: +34 91 788 57 01
____________________________________
Este mensaje y los documentos que, en su caso lleve anexos, pueden contener
información CONFIDENCIAL. Por ello, se informa al destinatario que la
información contenida en el mismo es reservada y su uso no autorizad o, publicación o difusión, entera o parcialmente, tanto en formato o me dio físico como electrónico, sin el previo consentimiento de Internet Security Auditors,
está prohibida legalmente.

Si ha recibido este correo por error, le rogamos que nos lo comunique por la misma vía o por teléfono (+34 93 305 13 18), se abstenga derealizar copias del mensaje o remitirlo o entregarlo a otra persona y proceda a borrarlo de
inmediato.

En cumplimiento de la Ley Orgánica 15/1999 de 13 de diciembre de pro tección de datos de carácter personal, Internet Security Auditors, le informa d e que sus datos personales se han incluido en ficheros informatizados titularidad de Internet Security Auditors, que será el único destinatario de dichos datos, y cuya finalidad exclusiva es la gestión de clientes y acciones de com unicación comercial, y de que tiene la posibilidad de ejercer los derechos de acceso, rectificación, cancelación y oposición previstos en la ley mediante carta dirigida a Internet Security Auditors, c. Santander, 101. Edif. A. 2 º, E-08030
Barcelona, o vía e-mail a la siguiente dirección de correo:
le...@isecauditors.com
_______________________________________________
Capture-HPC mailing list
Capture-HPC@public.honeynet.org
https://public.honeynet.org/mailman/listinfo/capture-hpc
_______________________________________________
Capture-HPC mailing list
Capture-HPC@public.honeynet.org
https://public.honeynet.org/mailman/listinfo/capture-hpc

Reply via email to