Hi Andre, From your given log, the capture-client doesn't connect to capture-server (There is no line like 'ClientSetState: CONNECTED'). What are on Dos prompt on WinXP? Is there something like c:\progra~1\CaptureClient.exe -s capture-server_ip:port .....? Cheers, Lam.
On Thu, Jun 24, 2010 at 1:19 PM, Andre Hall <ah...@westcoast.com> wrote: > Hi Lam, > > I should have mentioned that I do receive a response from the server when > I issue a ping from the client or the server. I'm also very aware of > broken snapshots and I make it standard protocol to create new shapshots > when executing the capture server for the first time. So new a new > snapshot was immediately created after migrating my VM to my new setup. > > Cheers. > > Andre > > Van Lam Le <vanla...@gmail.com> wrote: > > Hi Andre, > From WinXP, try to ping ip of capture-server to check whether it > replies > or not! If it does not, delete snapshots, restart WinXP, try to ping again > until you can get replies from capture-server, and then take a new > snapshot! > Cheers, > Lam. > > On Thu, Jun 24, 2010 at 12:57 PM, Andre Hall <ah...@westcoast.com> wrote: > > > Hi Lam, > > > > I run Capture server I do see the DOS prompt in my WinXP VM showing that > > client has communication with the server. > > In the case of firewalls - I'm suing my pre-configured XP image I have > from > > my 3 other Capture server (no firewall enabled). I also have firewalling > > (SELinux)disabled on the host.As I stated in my earlier message...I've > > doubled checked my client path in config.xml. I have 3 other Capture > servers > > running identical configurations - same VMs, file paths, etc. > > > > > > > > -----Original Message----- > > From: capture-hpc-boun...@public.honeynet.org on behalf of Van Lam Le > > Sent: Wed 6/23/2010 2:18 PM > > To: General discussion list for Capture-HPC users > > Subject: Re: [Capture-HPC] Capture reverts VM but no browser or URLs. > > Revert in infinite loop. > > > > Hi Andre, > > There are two cases: > > + Client application path: When you run capture-server, have a look on > > client-side. If there is no command prompt windows opened, client > > application cannot be executed remotely. That is client application path > > problem. Please check client application path on windows and client > > application path in your config.xml. > > + Firewall: When you run capture-server, have a look on client-side. > If > > there is a command prompt windows opened, client application is executed > > remotely but it cannot connect to capture-server on port 7070. Please > check > > firewall in both sides! > > Cheers, > > Lam. > > > > On Wed, Jun 23, 2010 at 3:23 PM, Andre Hall <ah...@westcoast.com> wrote: > > > > > Hello all, > > > > > > It's been awhile since I've mailed the group having successfully set 3 > > > Capture-HPCs servers. I'm currently setting up a new server with more > > > current hardware (Intel Core2Quad 2.66 GHz , 8GB memory, 1TB hard > drive, > > > Fedora 10). I've followed all of my previous installations to the > letter > > but > > > I'm running into the server not queueing URLs from my list. I've > checked > > the > > > troubleshooting guide which suggests the problem results from this > error > > > indicating that the application specified in the client-path (the > Capture > > > Client application) wasn't found or doesn't have connectivity to the > > server. > > > All of my paths are consistent across all of my other installations so > > that > > > I can keep all of my installation paths standard. Could there be > anything > > > else I have missed. I wouldn't consider myself an expert at thes > > > installations but I'm pretty close. Thanks in advance. > > > > > > > > > [r...@seeker capture-server]# > java -Djava.net.preferIPv4Stack-true -jar > > > CaptureServer.jar -s 192.168.10.1:7070 -f input_urls.txt > > > PROJECT: Capture-HPC > > > VERSION: 2.5 > > > DATE: Apr 25, 2008 > > > COPYRIGHT HOLDER: Victoria University of Wellington, NZ > > > AUTHORS: > > > Christian Seifert (christian.seif...@gmail.com) > > > Ramon Steenson(ramon.steen...@gmail.com) > > > > > > Capture-HPC is free software; you can redistribute it and/or modify > > > it under the terms of the GNU General Public License, V2 as published > by > > > the Free Software Foundation. > > > > > > Capture-HPC is distributed in the hope that it will be useful, > > > but WITHOUT ANY WARRANTY; without even the implied warranty of > > > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > > > GNU General Public License for more details. > > > > > > You should have received a copy of the GNU General Public License > > > along with Capture-HPC; if not, write to the Free Software > > > Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA > 02110-1301,USA > > > > > > > > > Option added: server-listen-port => 7070 > > > Option added: server-listen-address => 192.168.10.1 > > > Option added: input_urls => input_urls.txt > > > CaptureServer: Listening for connections > > > Validating config.xml ... > > > config.xml successfully validated > > > Option added: capture-network-packets-benign => false > > > Option added: capture-network-packets-malicious => false > > > Option added: client-default => iexplore > > > Option added: client-default-visit-time => 30 > > > Option added: client_inactivity_timeout => 60 > > > Option added: collect-modified-files => true > > > Option added: different_vm_revert_delay => 24 > > > Option added: group_size => 1 > > > Option added: revert_timeout => 120 > > > Option added: same_vm_revert_delay => 6 > > > Option added: send-exclusion-lists => false > > > Option added: terminate => true > > > Option added: vm_stalled_after_revert_timeout => 120 > > > Option added: vm_stalled_during_operation_timeout => 300 > > > ExclusionList: file - FileMonitor.exl: File not found > > > ExclusionList: process - ProcessMonitor.exl: File not found > > > ExclusionList: registry - RegistryMonitor.exl: File not found > > > [192.168.10.1:902] VM added > > > [Jun 22, 2010 6:51:21 PM-192.168.10.1:902-11546362] VMSetState: > > > WAITING_TO_BE_REVERTED > > > PARSING PREPROCESSOR > > > n is null > > > Waiting for input URLs... > > > [Jun 22, 2010 6:51:24 PM-192.168.10.1:902-11546362] VMSetState: > REVERTING > > > [Jun 22, 2010 6:51:30 PM-192.168.10.1:902-11546362] VMSetState: > RUNNING > > > Reverting different VM...waiting considerably > > > [Jun 22, 2010 6:51:54 PM-192.168.10.1:902-11546362] Finished > processing > > VM > > > item: revert > > > Waiting for input URLs... > > > [Jun 22, 2010 6:52:30 PM-192.168.10.1:902-11546362] Client inactivity, > > > reverting VM > > > [Jun 22, 2010 6:52:30 PM-192.168.10.1:902-11546362] VMSetState: > > > WAITING_TO_BE_REVERTED > > > [Jun 22, 2010 6:52:31 PM-192.168.10.1:902-11546362] VMSetState: > REVERTING > > > [Jun 22, 2010 6:52:37 PM-192.168.10.1:902-11546362] VMSetState: > RUNNING > > > Reverting same VM...just waiting a bit > > > [Jun 22, 2010 6:52:43 PM-192.168.10.1:902-11546362] Finished > processing > > VM > > > item: revert[Jun 22, 2010 6:56:22 PM-192.168.10.1:902-11546362] > > VMSetState: > > > REVERTING > > > [Jun 22, 2010 6:56:27 PM-192.168.10.1:902-11546362] VMSetState: > RUNNING > > > Reverting different VM...waiting considerably > > > [Jun 22, 2010 6:56:51 PM-192.168.10.1:902-11546362] Finished > processing > > VM > > > item: revert > > > Waiting for input URLs... > > > [Jun 22, 2010 6:57:28 PM-192.168.10.1:902-11546362] Client inactivity, > > > reverting VM > > > [Jun 22, 2010 6:57:28 PM-192.168.10.1:902-11546362] VMSetState: > > > WAITING_TO_BE_REVERTED > > > [Jun 22, 2010 6:57:29 PM-192.168.10.1:902-11546362] VMSetState: > REVERTING > > > [Jun 22, 2010 6:57:35 PM-192.168.10.1:902-11546362] VMSetState: > RUNNING > > > Reverting same VM...just waiting a bit > > > [Jun 22, 2010 6:57:41 PM-192.168.10.1:902-11546362] Finished > processing > > VM > > > item: revert > > > > > > > > > This e-mail and any files transmitted with it are confidential and > > > intended solely for the use of the individual or entity to whom they > > > are addressed. If you have received this email in error please notify > > > the sender by replying to this e-mail. > > > > > > Replies to this email may be monitored by the Haymarket Group > > > for operational or business reasons. > > > > > > Whilst every endeavour is taken to ensure that e-mails are free from > > > viruses, no liability can be accepted and the recipient is requested > > > to use their own virus checking software. > > > > > > www.haymarket.com > > > > > > Haymarket Media Group Limited > > > Registered in England no. 267189 > > > Registered Office: 174 Hammersmith Road, London W6 7JP > > > > > > --ES > > > > > > _______________________________________________ > > > Capture-HPC mailing list > > > Capture-HPC@public.honeynet.org > > > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > > > > > > > > -- > > Van Lam Le > > PhD Student - Room CO335 > > School of Engineering and Computer Science > > Victoria University > > PO Box 600 > > Wellington 6140 > > New Zealand > > Email: van.lam...@ecs.vuw.ac.nz > > Phone: +64 4 463 5233 (ext 8286) > > > > > > _______________________________________________ > > Capture-HPC mailing list > > Capture-HPC@public.honeynet.org > > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > > > -- > Van Lam Le > PhD Student - Room CO335 > School of Engineering and Computer Science > Victoria University > PO Box 600 > Wellington 6140 > New Zealand > Email: van.lam...@ecs.vuw.ac.nz > Phone: +64 4 463 5233 (ext 8286) > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > -- Van Lam Le PhD Student - Room CO335 School of Engineering and Computer Science Victoria University PO Box 600 Wellington 6140 New Zealand Email: van.lam...@ecs.vuw.ac.nz Phone: +64 4 463 5233 (ext 8286)
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
