Re: [Honeywall] About the process tree and the related command

=?gbk?B?L2Ftzt7P4M38LzpQ?= gzc5555 at foxmail.com
Wed Jun 3 01:56:23 EDT 2009


Hi,
I will check on the basis of your suggestion.
Thanks Chengyu for your help!
 
 
------------------ Original Message ------------------
From: "Chengyu Song"<songchengyu at honeynet.org>;
Sent: June 2, 2009 (Tuesday) 9:18 PM
To: "Mailing list for users and developers of the Honeywall"<honeywall at public.honeynet.org>;

Subject: Re: [Honeywall] About the process tree and the related command

 
  Hi Gaozc,
 
 If you want to see the Sebek data on Walleye, the process and command information must be correlated to a network flow through a socket. I'd also like a separate page for Sebek data only, but unfortunately, there is no such page now. So I suggest you check the socket information and network flow information to find out why they are not correlated.
 
 Thanks,
 
 Chengyu


 2009/6/1 Gaozc <gzc5555 at foxmail.com>
     Dear all:
 I ran into trouble when using the Walleye UI to analyze the data. The problem is that I can't see the process tree and the related commands occurring in the honeypot, but the database has data about this information (sys_socket, sys_read, process, process_tree and so on).
 The other functions of the Walleye UI are normal. I deployed the honeynet virtually with VMware Workstation. The host computer is Windows 2003, the Honeywall is installed with roo-1.4, and the OS of the honeypots is Windows 2000 and 2003.
 
 Thank you very much for any help on this problem!




_______________________________________________
Honeywall mailing list
Honeywall at public.honeynet.org
 https://public.honeynet.org/mailman/listinfo/honeywall




 

-- 
Chengyu Song
Chinese Chapter, Honeynet Project