Changes between Version 6 and Version 7 of Releases

Timestamp: 08/28/08 14:54:23 (9 years ago)
Author: cseifert
Comment: --
  • Releases

    v6 v7  
    11== Releases == 
    22 
    3 [https://projects.honeynet.org/capture-hpc/attachment/wiki/Releases/capture-client-2.1.0-300.zip capture-client-2.1.0-300.zip] 
     3[https://projects.honeynet.org/capture-hpc/attachment/wiki/Releases/capture-client-2.5.0-381.zip capture-client-2.5.0-381.zip] 
    44 
    5 md5: 6ad4d0d4deb2d5bc7922c04b55e62961 
     5md5: c35f43c6ec0dc79723731730378eb192 
    66 
    7 [https://projects.honeynet.org/capture-hpc/attachment/wiki/Releases/capture-client-2.1.0-300-src.zip capture-client-2.1.0-300-src.zip] 
     7The source can be obtained through the following command: svn co https://projects.honeynet.org/svn/capture-hpc/capture-hpc/tags/2.5/capture-client 
    88 
    9 md5: 24cb2e5a49f09244576dd9d27c798d92 
     9[https://projects.honeynet.org/capture-hpc/attachment/wiki/Releases/capture-server-2.5.0-381.zip capture-server-2.5.0-381.zip] 
    1010 
    11 [https://projects.honeynet.org/capture-hpc/attachment/wiki/Releases/capture-server-2.1.0-300.zip capture-server-2.1.0-300.zip] 
     11md5: 6b69a8000b4294fe90f6e158528e6e33 
    1212 
    13 md5: f68cebfff50cb244276b23377d0a1de5 
    14  
    15 [https://projects.honeynet.org/capture-hpc/attachment/wiki/Releases/capture-server-2.1.0-300-src.zip capture-server-2.1.0-300-src.zip] 
    16  
    17 md5: 34ea2bc70bcba80e269f0064e798c9e8 
     13The source can be obtained through the following command: svn co https://projects.honeynet.org/svn/capture-hpc/capture-hpc/tags/2.5/capture-server 
    1814 
    1915[TroubleshootingGuide TroubleshootingGuide] 
     16 
     17'''Release Notes 2.5.0''' 
     18 * added preprocessor plugin architecture. Preprocessor plugins allow to handle the input urls before they are passed onto capture. For instance, this could be used to create a crawler or filtering plugin. 
     19 * added processor ids for state changes (this value is only set if the client plug-in supports this). This allows the client plug-in to determine what URL the attack originates even if multiple URLs are visited at once.  
     20 * Added internetexplorerbulk plug-in that takes advantage of the processor id functionality. Allows to run multiple URLs without the need to revisit the URLs. A mapping of the state changes to the process id will determine which URL was malicious. 
     21 * modified client plug-in to communicate the algorithm it is able to support (Divide-and-conquer, bulk, sequential) 
     22 * upgraded vmware server to 1.0.6, java 6 update 7, NSIS 2.38, boost 1.35.0, visual studio 2008 (requires new VC++ Redist Libraries!) 
     23 * removed timeout factor and added absolute timeout/delay config values (see documentation for description of each option) 
     24 * modified tailing of input file; if no more URLs after a specific timeout are detected, the capture server can configured to terminate or keep tailing the input file for new URLs. 
     25 * implemented staggering revert of virtual machines. If server is configured with multiple VMs, they are not all reverted at the same time. 
     26 * changed threading structure to be more stable (leads to less client inactivity errors) 
     27 * changed IE plugin to close all IE windows (fixes pop ups hanging around) 
     28 * optimized handling of zipping of files - leads to speedup if network capture is not enabled 
     29 * fixed bug 718,729,709 
     30 
     31''Known Issues'' 
     32 * 737 capture client crashes when installing a program (lots of events). 
     33 * 736 When IE instance locks up, close method fails leading to a VM stalled error. (but those failures are now retried once) 
     34 * 735 When Capture-Client crashes, it will lead to a client inactivity errors. (but those failures are now retried once) 
     35 * 734 Terminate process is not recorded 
     36 * 615 Registry monitoring can't handle a key named  
     37 * 690 Capture is not able to detect file renames 
     38 * 676 Empty password on the user of the guest vm in the config.xml causes the capture server to crash (Windows only). 
     39 * 706 Capture seems to ignore the VM server port. 
     40 * 719 Closing a browser during visitation does not cause this event to be reported back to the server 
     41 * 721 filedownloader writes to const file name preventing dac algorithm to be applied for applications that make use of this feature 
     42 
    2043 
    2144'''Release Notes 2.1.0''' 
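
Review bot: The new download entries still publish only MD5 digests ("md5: c35f43c6ec0dc79723731730378eb192" for the client zip, "md5: 6b69a8000b4294fe90f6e158528e6e33" for the server zip). MD5 no longer resists collisions, so it shows that a download arrived intact but not that it is the file the project released; list a SHA-256 digest next to each zip as well. The two source zips and their digests are replaced by "svn co" of tags/2.5 with nothing to compare the checkout against, so consider stating the revision to check out (svn co -r) so the source can be tied to the released binaries. The Known Issues entry for 615 ends at "a key named" with the name missing; it needs the key name, escaped if the wiki markup is swallowing it.
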
     
    3659    * removed jni usage for revert and replaced with a stand alone C prg for stability reasons 
    3760    * fixed bug 696, 655, 657, 613, 689, 711 
    38  
    39 ''Known Issues'' 
    40  
    41  * 615  Registry monitoring can't handle a key named  
    42  * 690  Capture is not able to detect file renames 
    43  * 676  Empty password on the user of the guest vm in the config.xml causes the capture server to crash (Windows only). 
    44  * 706  Capture seems to ignore the VM server port. 
    45  * 709  sending of exclusion list from server doesnt appear to be working (only affects process exclusion list) 
    46  * 718  malware file copy not functioning unless network copy on malicious URL is enabled 
    47  * 719  closing a browser during visitation does not cause this event to be reported back to the server 
    48  * 721  filedownloader writes to const file name preventing dac algorithm to be applied for applications that make use of this feature 
    4961 
    5062'''Release Notes 2.01'''
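
Review bot: Deleting the Known Issues list under Release Notes 2.1.0 removes the only description on this page of 709 (exclusion list sent from the server not working) and 718 (malware file copy not functioning unless network copy is enabled); after this change they appear only as numbers in "fixed bug 718,729,709" under 2.5.0. Keep the list under 2.1.0, or keep those two entries there marked as fixed in 2.5.0, so that someone still running 2.1.0 can see what applies to that version. The other removed entries (615, 690, 676, 706, 719, 721) are repeated under 2.5.0, so only 709 and 718 lose their text.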