Andre, thanks for the feedback.
I agree with you that the documentation could be improved. Do you want
to take a crack at it and send me updated readme files? I will include
them into 3.0.1.
As per your question re snapshot: log in as the user you have defined in
your config and take a snapshot.
The exl...if you search through the archive, I am sure you will find
one. Also, if you read the paper on Capture-BAT, it may give you the
info you are looking for.
Cheers,
Christian
On Jan 28, 2010, at 11:32 AM, "Andre Hall" <ah...@westcoast.com> wrote:
Hello all,
Christian, I wanted to thank you again for the help you provided
last week in getting my Capture-HPC box running.
My only feedback might be updating the documentation. Although it
does provide general instructions on installation I think it could
be more specific in what are the recommended requirements for those
of us using Linux as the host OS. If a more defined standard was in
place this would help out a lot. It was challenging to find a
compatible Linux flavor (kernel version) that I could install VMWare
1.0.7. I’m using Fedora 8 and 9 – both running on the kernel
versions from the install DVD. I wasted a couple days after realizing
updating the systems’ kernel would eliminate my chances of install.
When I’ve hammered out my setup of Capture I’d be more than
willing to contribute what I’ve collected from my experiences with the
installation. I’m a n00b in this research too and I think it would
be helpful as it will help this project expand.
I have questions.
Snapshots:
I’m guessing if it really matters or not. Should the VM snapshots be
taken at the logon screen or after? Silly question but I have to ask.
Exclusions (EXL Files)/Applications.conf
This one presents some challenges for me at the moment. I’m trying
to get a better understanding of setting up these files and to reduce
or eliminate false positives during the site crawl. As an example
my current VM has the following apps installed: Adobe Air, Adobe Acrobat,
Adobe Flash Plugin, and Java 6 Update 15. Which of these will
need entries in the exl files and which will only need to be entered
into the Applications.conf file? I’m guessing Adobe Acrobat will
be entered in the Applications.conf since I’ve read that in the
documentation. I’m also confused by the syntax (+, -, \\) I need to use
to enter into each of the files. Can someone please provide an example
of their current exl files or with an example in response to my email?
Much appreciated. This has been quite a bit of a learning curve
for me.
Andre Hall
_______________________________________________
Capture-HPC mailing list
Capture-HPC@public.honeynet.org
https://public.honeynet.org/mailman/listinfo/capture-hpc