Hi Christian, I was thinking about ways of contributing to the Capture-HPC project in some way as you guys have made such a good piece of kit. So I was wondering if I'd be able to help out with some of the doocumentation? If Andre is keen as well maybe we could try getting some of this down into a PDF or Wiki page to help with others who want to set it up (also stop you getting asked so many qiestions over and over).
I've made up some documentation already regarding compilation of Capture-HPC client for windows, Capture-HPC server for linux (not my strong point) and Capture-HPC Server for windows. Have also started on configuration notes for them all as well. Would you mind if Andre and I worked on this? It would mean that we may have some questions to ask you, but at least they'll only get asked once? As my company are using Capture-HPC on ESXi I have included some of the changes that need to be made to get it to run on that in the docs, including how to compile it differently. Terry MacDonald 2010/1/29 Christian Seifert <christian.seif...@gmail.com> > Andre, thanks for the feedback. > > I agree with you that the documentation could be improved. Do you want to > take a crack at it and send me updated readme files. I will include them > into 3.0.1. > > As per you question re snapshot: login as the user you have defined in your > config and take a snapshot. > > The exl...if you search through the archive, I am sure you will find one. > Also, if you read the paper on Capture-BAT, it may give you the info you are > looking for. > > Cheers, > > Christian > > > > On Jan 28, 2010, at 11:32 AM, "Andre Hall" <ah...@westcoast.com> wrote: > > Hello all, > > > > > > Christian, I wanted to thank you again for the help you provided last week > in getting my Capture-HPC box running. > > > > My only feedback might be updating the documentation. Although it does > provide general instructions on installation I think it could be more > specific in what is the recommended requirements for those of us using Linux > as the host OS. If a more defined standard was in place this would help out > a lot. It was challenging to find a compatible Linux flavor (kernel version) > that I could install VMWare 1.0.7. I’m using Fedora 8 and 9 – both running > on the kernel versions from the install DVD. I wasted a couple days after > realizing updating the systems’ kernel would eliminate my chances of > install. > > When I’ve hammered out my setup of Capture I’d be more than willing to > contribute what I’ve collected from my experiences with the installation. > I’m a n00b in this research too and I think it would be helpful as it will > help this project expand. > > > > > > I have a questions. > > Snapshots: > > I guessing if it really matters or not. Should the VM snapshots be taken at > the logon screen or after? Silly question but I have to ask. > > > > Exclusions (EXL Files)/Applications.conf > > This one presents some challenges for me at the moment. I’m trying to get > a better understanding of setting up these files and to reduce or eliminate > false positives during the site crawl. As an example my current VM has the > following apps installed: Adobe Air, Adobe Acrobat, Adobe Flash Plugin, and > Java 6 Update 15. Which of these will needs entries in the exl files and > which will only need to be entered into the Applications.conf file? I’m > guessing Adobe Acrobat will be enter in the Applications.conf since I’ve > read that in the documentation. I’m also confused by the syntax (+, -, \\) > I need to use to enter into the each files. Can someone please provide an > example of their current exl files or with an example in response to my > email. Much appreciated. This has been quite a bit of a learning curve for > me. > > > > > > Andre Hall > This e-mail and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they are > addressed. If you have received this email in error please notify the sender > by replying to this e-mail. Replies to this email may be monitored by the > Haymarket Group for operational or business reasons. Whilst every endeavour > is taken to ensure that e-mails are free from viruses, no liability can be > accepted and the recipient is requested to use their own virus checking > software. www.haymarket.com Haymarket Media Group Limited Registered in > England no. 267189 Registered Office: 174 Hammersmith Road, London W6 7JP > --ES > > _______________________________________________ > > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > >
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
