Where can I get additional help?
There is troubleshooting guide located on the Capture release page, which contains solutions to common problems encountered.
In addition, we have set up a public mailing list for discuss issues around installation & operation, request support, voice feature requests, share your findings, etc. You can subscribe to it via https://public.honeynet.org/mailman/listinfo/capture-hpc
Is there any additional documentation provided with Capture?
Yes, Readme files that come with the Capture distribution contain a wealth of information on how to install, configure and run Capture.
What clients are currently supported with Capture?
Any http protocol clients that allow to specify a URL on the command line (e.g. iexplore http://www.honeynet.org) are supported by Capture-HPC. This includes Opera, Internet Explorer, Firefox and various Office Application.
Where can I find additional exl other than the default provided with the distribution?
Check the mailing list for additional exclusion lists. If you don't find any there and end up creating one, please share it on the mailing list for others to benefit from it.
What other implementations of client honeypots exist?
Besides Capture there are a few other high interaction client honeypots:
But there are several low interaction client honeypots:
There are several other, like the spycrawler from the UW and Honeymonkey from MSFT, but those are not publicly available.
What's up with the client honeypot and honeyclient term?
Honeyclient and client honeypot are synonyms. They are generic terms that describe the concept. However, there is a subtlety here, as "honeyclient" is actually a homograph that could also refer to the first open source client honeypot implementation: MITRE's HoneyClient.
What other resources are out there to learn about and keep up to date about client-side attacks?
There are several excellent blogs from security researchers and corporations. A few we read regularly are listed below:
- WebSense Blog
- Dancho Danchev's Blog
- Google's Online Security Blog
- Stopbadware.org Blog
- ... and many more ...
Under what license is Capture-HPC written and distributed?
The GNU General Public License, v2.