Hi Terry,
Absolutely!!! I'd be very happy to work with you on the documentation. Since my configuration is based on Linux we could work together to put updated documentation in place for both platforms. PDF or Wiki would be brilliant. Once I'm up to speed on how Capture-HPC functions firsthand I'd like to contribute more to the mail list and answer questions as needed. I completely understand where Christian is coming from....we all have full-time jobs so the more help support the project the better. Christian.....I'll scour the archives for some examples of setting up the EXL files. Hopefully I find what I'm looking for. All the best. Andre From: capture-hpc-boun...@public.honeynet.org [mailto:capture-hpc-boun...@public.honeynet.org] On Behalf Of Terry MacDonald Sent: Thursday, January 28, 2010 2:21 PM To: General discussion list for Capture-HPC users Subject: Re: [Capture-HPC] A few questions from a noob Hi Christian, I was thinking about ways of contributing to the Capture-HPC project in some way as you guys have made such a good piece of kit. So I was wondering if I'd be able to help out with some of the doocumentation? If Andre is keen as well maybe we could try getting some of this down into a PDF or Wiki page to help with others who want to set it up (also stop you getting asked so many qiestions over and over). I've made up some documentation already regarding compilation of Capture-HPC client for windows, Capture-HPC server for linux (not my strong point) and Capture-HPC Server for windows. Have also started on configuration notes for them all as well. Would you mind if Andre and I worked on this? It would mean that we may have some questions to ask you, but at least they'll only get asked once? As my company are using Capture-HPC on ESXi I have included some of the changes that need to be made to get it to run on that in the docs, including how to compile it differently. Terry MacDonald 2010/1/29 Christian Seifert <christian.seif...@gmail.com> Andre, thanks for the feedback. I agree with you that the documentation could be improved. Do you want to take a crack at it and send me updated readme files. I will include them into 3.0.1. As per you question re snapshot: login as the user you have defined in your config and take a snapshot. The exl...if you search through the archive, I am sure you will find one. Also, if you read the paper on Capture-BAT, it may give you the info you are looking for. Cheers, Christian On Jan 28, 2010, at 11:32 AM, "Andre Hall" <ah...@westcoast.com> wrote: Hello all, Christian, I wanted to thank you again for the help you provided last week in getting my Capture-HPC box running. My only feedback might be updating the documentation. Although it does provide general instructions on installation I think it could be more specific in what is the recommended requirements for those of us using Linux as the host OS. If a more defined standard was in place this would help out a lot. It was challenging to find a compatible Linux flavor (kernel version) that I could install VMWare 1.0.7. I'm using Fedora 8 and 9 - both running on the kernel versions from the install DVD. I wasted a couple days after realizing updating the systems' kernel would eliminate my chances of install. When I've hammered out my setup of Capture I'd be more than willing to contribute what I've collected from my experiences with the installation. I'm a n00b in this research too and I think it would be helpful as it will help this project expand. I have a questions. Snapshots: I guessing if it really matters or not. Should the VM snapshots be taken at the logon screen or after? Silly question but I have to ask. Exclusions (EXL Files)/Applications.conf This one presents some challenges for me at the moment. I'm trying to get a better understanding of setting up these files and to reduce or eliminate false positives during the site crawl. As an example my current VM has the following apps installed: Adobe Air, Adobe Acrobat, Adobe Flash Plugin, and Java 6 Update 15. Which of these will needs entries in the exl files and which will only need to be entered into the Applications.conf file? I'm guessing Adobe Acrobat will be enter in the Applications.conf since I've read that in the documentation. I'm also confused by the syntax (+, -, \\) I need to use to enter into the each files. Can someone please provide an example of their current exl files or with an example in response to my email. Much appreciated. This has been quite a bit of a learning curve for me. Andre Hall This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by replying to this e-mail. Replies to this email may be monitored by the Haymarket Group for operational or business reasons. Whilst every endeavour is taken to ensure that e-mails are free from viruses, no liability can be accepted and the recipient is requested to use their own virus checking software. www.haymarket.com Haymarket Media Group Limited Registered in England no. 267189 Registered Office: 174 Hammersmith Road, London W6 7JP --ES _______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc _______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
