Xu,
If you really wanted to monitor keystrokes etc, I would suggest
"sbk_extract -i (inter iface) -p 1101 | sbk_ks_log.pl "
This should give you keystrokes. This is what you can run inside shell
and then test out your sebek too.
Run the above command and then login to your honeypot, execute some
command from command line and see if you see data (keystrokes etc) on
your roo terminal.
-Parvinder Bhasin
Xu nanxuan wrote:
I just run "sbk_extract -i eth0" in the command line and wait. But
suddently I found that there's no more packet record in Walleye,
although i'm sure lots of packets still exist. And at the same time I
found a system output : ...has killed mysqld...(not very exactly but
more or less). Therefore I think mysql has been closed. So how to start
it again by myself without reboot honeywall?
Thanks!
------------------------------------------------------------------------
Connect to the next generation of MSN Messenger Get it now!
<http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline>
------------------------------------------------------------------------
_______________________________________________
Honeywall mailing list
[email protected]
https://public.honeynet.org/mailman/listinfo/honeywall
_______________________________________________
Honeywall mailing list
[email protected]
https://public.honeynet.org/mailman/listinfo/honeywall
