On Thu, Nov 13, 2008 at 12:25 PM, Emre Bastuz <[EMAIL PROTECTED]> wrote:
> Hi Christian, > > Christian Seifert schrieb: > > this is awesome, emre! > > thanks :) > > > once you have the kinks worked out, please send another email and I will > > post a link from the capture project site to your instructions. > > I believe everything is working now. I just added a section about > installing WinPCAP on the victim for the packet capture part to work. > > Everything should be complete now (including all necessary workarounds). > > Puuuuh ... That was a tough one :) > great, Ill add a link to your post. Thanks so much. > > Something else: as I understand it capture-client does *not* transfer the > files > that get downloaded to the system, right? I need a proxy to gather all > files > in transmission I guess. > the capture client transfers all files that are modified or deleted on the victim. So if a file is transferred and written to disk, its captured; however, if its not written to disk, it is not. > > Another thing: I just looked at one of the pcaps and noticed that the > management communication to the capture-server is also recorded. I´d like > to suggest setting a filter during the packet capture to exclude that. > Yes, someone else suggested this as well....we should as the bytes add up.... thanks again, emre! > > Just an idea. > > Cool software by the way :) > > Cheers, > > Emre > > -- > http://www.emre.de UIN: 561260 > PGP Key ID: 0xAFAC77FD > > I don't see why some people even HAVE cars. -- Calvin > _______________________________________________ > Capture-HPC mailing list > [email protected] > https://public.honeynet.org/mailman/listinfo/capture-hpc > -- ---- Web: http://www.mcs.vuw.ac.nz/~cseifert PGP key http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF
_______________________________________________ Capture-HPC mailing list [email protected] https://public.honeynet.org/mailman/listinfo/capture-hpc
