Steve,
On Jan 9, 2008, at 7:19 AM, Steve Ng wrote:
Hi Robert,
I can't see sebek traffic on the network with 3.0.3 version.
Ok... this makes me think it is the sebek client for the 2.4 kernel.
When analyzing the sebek data with walleye, I even did tried
clicking all the processes in the interface followed by that
magnifying glass but there was no opened files or keystrokes logged.
Do you have the time and resources to test the sebek client for
the 2.6 kernel? Would like to see if the issue is with the sebek
client for the 2.4 kernel or if it is on the honeywall itself.
Does the sys_read table of the walleye_0_3 have entries? That is
the table that keeps the key strokes.
Rob
_______________________________________________
Honeywall mailing list
[email protected]
https://public.honeynet.org/mailman/listinfo/honeywall
