Hi Christian, One idea is a web based front end for controlling the Capture Server, kind of like what the Web Exploit Finder client honeypot uses: http://www.xnos.org/security/web-exploit-finder/functionality.html. Having that easy web based control could make this technology more accessible to people.
I also see that HoneyC has something under development along similar lines but I haven't installed HoneyC yet. Cheers Terry MacDonald 2010/1/28 Emilio Casbas <ecas...@gmail.com> > Hi Christian, > > Great to hearing from you these news. > > I have been enjoying playing with capture-HPC and I hope to enjoy in the > future > with more features and versions to play with. > > I send you some issues I have experimented with capture-HPC after intensive > use: > > 1) The URIs components are case-sensitive as defined by RFC standards > http://tools.ietf.org/html/rfc3986 > Capture-HPC convert all URLs to be processed to lowercase resulting > in a failure with the analysis. I have experimented this behaviour several > times. > https://projects.honeynet.org/capture-hpc/ticket/745 > > 2) Sometimes it's a bit tricky to clean false positives by playing > with the exl files. So a feature like the self learning mode for creation > of exclusion lists it would be useful > https://projects.honeynet.org/capture-hpc/ticket/691 > > 3) Capture-HPC errors like; 'error:NETWORK_ERROR-2148270085', > error:NETWORK_ERROR-2148270093, error:VISITATION_WARNING-268455937 > and several similar are very cryptic. It would be great to have errors more > user-friendly > or easy to map to more understandable or standard code errors (where it's > applicable). > Semi-related bug https://projects.honeynet.org/capture-hpc/ticket/726 > > Now some questions. > What plan do you have between the two capture-HPC main versions 2.5 and 3.0 > ? > Are you going to develop them in parallel or are you going to focus in 3.0 > instead? > Do you have any plan to migrate the JAVA code to another programming > language? > > my 2 cents. Keep the great work with capture-HPC. > > Regards > Emilio > > > > 2010/1/27 Christian Seifert <christian.seif...@gmail.com> > >> Steve, first off I'd like to say there is a committment to keep the >> project live, grow and support it. >> >> That said, both Ramon and I have full time jobs, so the time that we >> directly can invest is limited. >> >> For 2010, I hope we can drive the features further (including a stable >> release.) I hope we can do this through the google summer of code and/or >> smaller projects that the Victoria University is taking on. >> >> What could really help us is to get some ideas going from you all who use >> it. What would you like to see? What bugs/issues are really making your life >> difficult? >> >> Christian >> >> >> On Jan e26, 2010, at 10:44 AM, Steve Taylor all< >> steve.tay...@securecommand.com> wrote: >> >> Hey all, >>> >>> I've noticed that the repository for capture hasn't been touched in >>> months. Is the project still being actively worked on? Our company >>> frequently makes use of the client, but some stability problems and other >>> bugs are blockers for us. >>> >>> Just curious of the state of the project, the beta is great and you guys >>> have developed a wonderful tool! >>> >>> -Steve >>> _______________________________________________ >>> Capture-HPC mailing list >>> Capture-HPC@public.honeynet.org >>> https://public.honeynet.org/mailman/listinfo/capture-hpc >>> >> _______________________________________________ >> Capture-HPC mailing list >> Capture-HPC@public.honeynet.org >> https://public.honeynet.org/mailman/listinfo/capture-hpc >> > > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > >
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
