After you run the capture server, do you see it listening on port 7070?
Maybe its a permission issue? Are you running as root?

On Thu, Jan 21, 2010 at 6:54 PM, Andre Hall <ah...@westcoast.com> wrote:

> Hi Christian,
>
>
> I've confirmed that there's no other service on port 7070. I can't however
> make any connections on port 7070 via telnet from within the VM. This is the
> exact problem I'm having with the other kit I have setup (Ubuntu 8.10/
> VMWare 1.0.7). These boxes are both new installs on isolated networks before
> I set the up to test.
>
> The instructions you provide with Capture aren't extremely difficult to
> follow. I really don't see how after at least a half dozen attempts I
> haven't reached my goal of completing this install.
>
>
> Any other suggestions?
>
>
>
> -----Original Message-----
> From: capture-hpc-boun...@public.honeynet.org [mailto:
> capture-hpc-boun...@public.honeynet.org] On Behalf Of Christian Seifert
> Sent: Thursday, January 21, 2010 5:08 PM
> To: General discussion list for Capture-HPC users
> Cc: <capture-hpc@public.honeynet.org>
> Subject: Re: [Capture-HPC] (no subject)
>
> Andre, looking at the error it may be that there is another process
> running on port 7070 already. Can you check?
>
> After you start the server it should be listening on 7070 and you
> should be able to connect to it from within the vm. (just use telnet
> to try)
>
> Christian
>
>
>
> On Jan 21, 2010, at 4:01 PM, "Andre Hall" <ah...@westcoast.com> wrote:
>
> > Hello,
> >
> >
> >
> >
> >
> > I’ve been frantically making  an attempt to  successfully setting up
> >  Capture-HPC for some testing – about three weeks. I’ve read both
> > Readme.txt file for the client and server configurations and I’m hop
> > ing I’m using a fairly supported platform as I have tried this my se
> > tup on different Linux OSes and my results are still the same.  I ha
> > ve one system which I’m trying to run Capture’s server, VMServer
> > and the VM clients all from the same machine. Here’s a breakdown of
> > my current configuration. I’m using the latest version of Capture-HP
> > C  - 2.5.1.
> >
> >
> >
> > Fedora 9
> >
> > VMWare Server 1.0.6 (tgz file was download from VMWare’s site. Does
> > not specify if it contains VIX as all Capture documentation insists)
> >
> > I currently have VMWare networking set up with the bridge to eth0,
> > NAT config  for server is 192.168.1.1, no host only config.
> >
> > Xinted is installed
> >
> > Java 1.6
> >
> > Capture-HPC server files with ‘vmware-server IP: 192.168.1.1’
> >
> > Path to VMs: /var/lib/vmware/VM/WinXP/WinXP.vmx
> >
> > Path to Capture Client on VM: C:\Progra~1\capture\CaptureClient.bat
> >
> >
> >
> > Guest VM
> >
> > Windows XP Professional SP2 (no update or firewall enabled)
> >
> > My VM is network currently set to NAT (the VMWare is distributes the
> > IP to the guest. At startup the IP is 192.168.1.128).
> >
> > Visual C++ 2008 Redistributable Package(SP0)
> >
> > Internet Explorer 6
> >
> > I unzipped the CaptureClient and ran the executable. The VM
> > rebooted.  I checked the  exclusion files and made changes to the
> > Application.conf file. Is there anything  else I didn’t do on the cl
> > ient?  Now what?
> >
> >
> >
> > *Since there aren’t  any detailed installation instructions for how
> > VMWare’s networking should be configured the assumption is that my c
> > onfiguration is fine in utilizing NAT. I’m able to lauch my guest VM
> >  and browse the Internet in either setting – NAT or Bridged.  The on
> > ly difference is in Bridged mode my VM acquires and IP from a DHCP s
> > erver I have on my network. If this is wrong it’s an easy fix.
> >
> >
> >
> > Where I’m running into trouble is at the point of running the server
> >  command. Here is the output I receive:
> >
> >
> >
> > [r...@seymour capture-server]# java -Djava.net.preferIPv4Stack=true -
> > jar CaptureServer.jar -s 192.168.1.1 -f input_urls.txt
> > PROJECT: Capture-HPC
> > VERSION: 2.5
> > DATE: Apr 25, 2008
> > COPYRIGHT HOLDER: Victoria University of Wellington, NZ
> > AUTHORS:
> >       Christian Seifert (christian.seif...@gmail.com)
> >       Ramon Steenson(ramon.steen...@gmail.com)
> >
> > Capture-HPC is free software; you can redistribute it and/or modify
> > it under the terms of the GNU General Public License, V2 as
> > published by
> > the Free Software Foundation.
> >
> > Capture-HPC is distributed in the hope that it will be useful,
> > but WITHOUT ANY WARRANTY; without even the implied warranty of
> > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> > GNU General Public License for more details.
> >
> > You should have received a copy of the GNU General Public License
> > along with Capture-HPC; if not, write to the Free Software
> > Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
> > 02110-1301,USA
> >
> >
> > Option added: server-listen-port => 904
> > Option added: server-listen-address => 192.168.1.1
> > Option added: input_urls => input_urls.txt
> > CaptureServer: exception - java.net.BindException: Address already
> > in use
> > java.net.BindException: Address already in use
> >       at java.net.PlainSocketImpl.socketBind(Native Method)
> >       at java.net.AbstractPlainSocketImpl.bind
> > (AbstractPlainSocketImpl.java:336)
> >       at java.net.ServerSocket.bind(ServerSocket.java:336)
> >       at java.net.ServerSocket.<init>(ServerSocket.java:202)
> >       at capture.ClientsController.run(ClientsController.java:39)
> >       at java.lang.Thread.run(Thread.java:636)
> > Validating config.xml ...
> > config.xml successfully validated
> > Option added: capture-network-packets-benign => false
> > Option added: capture-network-packets-malicious => false
> > Option added: client-default => iexplore
> > Option added: client-default-visit-time => 20
> > Option added: client_inactivity_timeout => 60
> > Option added: collect-modified-files => true
> > Option added: different_vm_revert_delay => 24
> > Option added: group_size => 20
> > Option added: revert_timeout => 120
> > Option added: same_vm_revert_delay => 6
> > Option added: send-exclusion-lists => false
> > Option added: terminate => true
> > Option added: vm_stalled_after_revert_timeout => 120
> > Option added: vm_stalled_during_operation_timeout => 300
> > ExclusionList: file - FileMonitor.exl: File not found
> > ExclusionList: process - ProcessMonitor.exl: File not found
> > ExclusionList: registry - RegistryMonitor.exl: File not found
> > [192.168.1.1:904] VM added
> > [Jan 21, 2010 1:18:48 PM-192.168.1.1:902-6259058] VMSetState:
> > WAITING_TO_BE_REVERTED
> > PARSING PREPROCESSOR
> > n is null
> > Waiting for input URLs...
> > [Jan 21, 2010 1:18:51 PM-192.168.1.1:904-6259058] VMSetState:
> > REVERTING
> > VIX Error on connect in connect: The system returned an error.
> > Communication with the virtual machine may have been interrupted
> > E Disconnected
> > [Jan 21, 2010 1:18:56 PM 192.168.1.1:904-6259058] VMware error 255
> > [Jan 21, 2010 1:18:56 PM-192.168.1.1:904-6259058] VMSetState: ERROR
> > Reverting different VM...waiting considerably
> > [Jan 21, 2010 1:19:20 PM-192.168.1.1:904-6259058] Finished
> > processing VM item: revert
> >
> >
> >
> >
> >
> > I’ve tried the configuration a number of ways and I can’t seem to
> > figure out the cause of the error.  The troubleshooting page indicat
> > es the VIX error could possibly be IP and port of the virtual machin
> > e-server setting in config.xml – the VMWare server console and the V
> > Ms all reside on the same machine. I’ve tried the localhost IP addre
> > ss, the IP issued by my DHCP server (10.10.10.13) as well as the VMW
> > are NAT network  server IP address (192.168.1.1) . I’ve even switche
> > d the XP VM networking to Bridged which doesn’t seem to help. I can
> > telnet to the 904 port where I get the VMWare Authentication service
> >  running. I’m baffled that I’m having this much trouble in this
> > self contained environment. All the connections are taking place on
> > the same machine.
> >
> >
> >
> > I would really appreciate some help with this. I have spent a great
> > deal of time troubleshooting this issue and trying to get started in
> > using Capture. As I’m not a novice to networking, Linux, or virtual
> > machines help from the most knowledgeable of this project is welcomed.
> >
> >
> >
> >
> >
> > Thanks in advance.
> >
> >
> >
> >
> >
> > This e-mail and any files transmitted with it are confidential and
> > intended solely for the use of the individual or entity to whom they
> > are addressed. If you have received this email in error please
> > notify the sender by replying to this e-mail. Replies to this email
> > may be monitored by the Haymarket Group for operational or business
> > reasons. Whilst every endeavour is taken to ensure that e-mails are
> > free from viruses, no liability can be accepted and the recipient is
> > requested to use their own virus checking software.
> > www.haymarket.com Haymarket Media Group Limited Registered in
> > England no. 267189 Registered Office: 174 Hammersmith Road, London
> > W6 7JP --ES
> > _______________________________________________
> > Capture-HPC mailing list
> > Capture-HPC@public.honeynet.org
> > https://public.honeynet.org/mailman/listinfo/capture-hpc
> _______________________________________________
> Capture-HPC mailing list
> Capture-HPC@public.honeynet.org
> https://public.honeynet.org/mailman/listinfo/capture-hpc
>
> _______________________________________________
> Capture-HPC mailing list
> Capture-HPC@public.honeynet.org
> https://public.honeynet.org/mailman/listinfo/capture-hpc
>
>


-- 
----
Web: http://www.ecs.vuw.ac.nz/Main/GradChristianSeifert

PGP key
http://homepages.ecs.vuw.ac.nz/~cseifert/pgpkey.txt
Primary key fingerprint:   E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF
_______________________________________________
Capture-HPC mailing list
Capture-HPC@public.honeynet.org
https://public.honeynet.org/mailman/listinfo/capture-hpc

Reply via email to