SourceForge.net: Nepenthes -finest collection-: nepenthes-devel

Home / Browse / Nepenthes -finest collection- / Mail / Archive

Email Archive: nepenthes-devel (read-only)

2005:	_Jan	_Feb	_Mar	_Apr	_May	_Jun	_Jul	_Aug (1)	_Sep (2)	_Oct (5)	_Nov (18)	_Dec (8)
2006:	_Jan (2)	_Feb (4)	_Mar (5)	_Apr (15)	_May (15)	_Jun (14)	_Jul (3)	_Aug (28)	_Sep (3)	_Oct (8)	_Nov (17)	_Dec (21)
2007:	_Jan (21)	_Feb (16)	_Mar (24)	_Apr (10)	_May (12)	_Jun (9)	_Jul (9)	_Aug (8)	_Sep (3)	_Oct (8)	_Nov (13)	_Dec (10)
2008:	_Jan (8)	_Feb (19)	_Mar (2)	_Apr	_May (3)	_Jun (13)	_Jul (8)	_Aug (7)	_Sep (2)	_Oct (2)	_Nov (28)	_Dec (19)
2009:	_Jan (31)	_Feb (22)	_Mar (19)	_Apr (2)	_May (7)	_Jun (11)	_Jul (14)	_Aug	_Sep (8)	_Oct (23)	_Nov (72)	_Dec (11)
2010:	_Jan (24)	_Feb (15)	_Mar	_Apr (24)	_May (4)	_Jun (3)	_Jul	_Aug (11)	_Sep (70)	_Oct (78)	_Nov (56)	_Dec (36)
2011:	_Jan (47)	_Feb (40)	_Mar (26)	_Apr (35)	_May (27)	_Jun (8)	_Jul (18)	_Aug (24)	_Sep (6)	_Oct (5)	_Nov (36)	_Dec (13)
2012:	_Jan (13)	_Feb (8)	_Mar (22)	_Apr (10)	_May (33)	_Jun (17)	_Jul (30)	_Aug (11)	_Sep (11)	_Oct (29)	_Nov (17)	_Dec (8)
2013:	_Jan (36)	_Feb (12)	_Mar (3)	_Apr (38)	_May (25)	_Jun (11)	_Jul	_Aug	_Sep	_Oct	_Nov	_Dec

[Nepenthes-devel] Norman submissions

From: <verra.ero@ti...> - 2007-05-24 08:52

Hi all!
First of all thank you very much for the attention.

I have 
another problem with submit-norman.
It seems to work,where

submit-
norman.conf:

{
        // this is the adress where norman sandbox 
reports will be sent
        email   "verra.ero@...";
        
urls    ("http://sandbox.norman.no/live_4.html",
                 "http:
//luigi.informatik.uni-mannheim.de/submit.php?action=verify");

};

nepenthes.log (just the interesting part):

[23052007 01:06:32 info mgr 
submit] File 4e26b5051d1b027ab716d61dcb418abb has type MS-DOS 
executable, MZ for MS-DOS 
[23052007 01:06:32 info handler event 
module] LogPrelude EVENT EV_SUBMISSION ftp://1:1@...
1003.exe 4e26b505
1d1b027ab716d61dcb418abb 70656 
[23052007 01:06:32 
info handler event module] LogPrelude EVENT EV_SOCK_TCP_CLOSE
[23052007 
01:06:44 debug info fixme] Submitted file 
4e26b5051d1b027ab716d61dcb418abb to sandbox http://luigi.informatik.uni-
m
annheim.de/submit.php?action=verify
[23052007 01:06:48 debug info 
fixme] Submitted file 4e26b5051d1b027ab716d61dcb418abb to sandbox http:
//sandbox.norman.no/live
_4.html

and, output nepenthes at startup:

[ 
info mgr ] Loaded Nepenthes Configuration from 
"/opt/nepenthes//etc/nepenthes/nepenthes.conf".
[ debug info fixme ] 
Submitting via http post to http://sandbox.norman.no/live_4.html
[ 
debug info fixme ] Submitting via http post to http://luigi.informatik.
uni-mannheim.de/submit.php?action=verify
prelude_string_set_ref_fast:
482: warning, string is not NULL terminated.
prelude_string_set_ref_fast:482: warning, string is not NULL 
terminated.
- Connecting to 127.0.0.1:4690 prelude Manager server.
- 
TLS authentication succeed with Prelude Manager.
[ crit net handler ] 
Could not Bind Socket to Port 25
Address already in use
[ crit net 
handler ] ERROR Could not init Socket Address already in use
[ crit net 
mgr ] ERROR Binding :25 failed
[ info sc module ] Loading signatures 
from file var/cache/nepenthes/signatures/shellcode-signatures.sc
[ crit 
mgr ] Compiled without support for capabilities, no way to run 
capabilities
[ info mgr ] Process groupid 115
[ info mgr ] Process 
userid 110


But two days have passed and i've received no report..What 
i've missing??

Thank you so much!

Re: [Nepenthes-devel] Norman submissions

From: Jan van Lith <Jan.vanLith@su...> - 2007-05-24 09:03

The norman submit address has changed.

Change submit-norman.conf in:

submit-norman
{
        // this is the adress where norman sandbox reports will be sent
        email   "emailaddress";
        urls    ("http://www.norman.com/microsites/nsic/Submit/Special/45773/",
                         "http://luigi.informatik.uni-mannheim.de/submit.php?action=verify");
};


verra.ero@... wrote:
> Hi all!
> First of all thank you very much for the attention.
> 
> I have 
> another problem with submit-norman.
> It seems to work,where
> 
> submit-
> norman.conf:
> 
> {
>         // this is the adress where norman sandbox 
> reports will be sent
>         email   "verra.ero@...";
>         
> urls    ("http://sandbox.norman.no/live_4.html",
>                  "http:
> //luigi.informatik.uni-mannheim.de/submit.php?action=verify");
> 
> };
> 
> nepenthes.log (just the interesting part):
> 
> [23052007 01:06:32 info mgr 
> submit] File 4e26b5051d1b027ab716d61dcb418abb has type MS-DOS 
> executable, MZ for MS-DOS 
> [23052007 01:06:32 info handler event 
> module] LogPrelude EVENT EV_SUBMISSION ftp://1:1@...
> 1003.exe 4e26b505
> 1d1b027ab716d61dcb418abb 70656 
> [23052007 01:06:32 
> info handler event module] LogPrelude EVENT EV_SOCK_TCP_CLOSE
> [23052007 
> 01:06:44 debug info fixme] Submitted file 
> 4e26b5051d1b027ab716d61dcb418abb to sandbox http://luigi.informatik.uni-
> m
> annheim.de/submit.php?action=verify
> [23052007 01:06:48 debug info 
> fixme] Submitted file 4e26b5051d1b027ab716d61dcb418abb to sandbox http:
> //sandbox.norman.no/live
> _4.html
> 
> and, output nepenthes at startup:
> 
> [ 
> info mgr ] Loaded Nepenthes Configuration from 
> "/opt/nepenthes//etc/nepenthes/nepenthes.conf".
> [ debug info fixme ] 
> Submitting via http post to http://sandbox.norman.no/live_4.html
> [ 
> debug info fixme ] Submitting via http post to http://luigi.informatik.
> uni-mannheim.de/submit.php?action=verify
> prelude_string_set_ref_fast:
> 482: warning, string is not NULL terminated.
> prelude_string_set_ref_fast:482: warning, string is not NULL 
> terminated.
> - Connecting to 127.0.0.1:4690 prelude Manager server.
> - 
> TLS authentication succeed with Prelude Manager.
> [ crit net handler ] 
> Could not Bind Socket to Port 25
> Address already in use
> [ crit net 
> handler ] ERROR Could not init Socket Address already in use
> [ crit net 
> mgr ] ERROR Binding :25 failed
> [ info sc module ] Loading signatures 
> from file var/cache/nepenthes/signatures/shellcode-signatures.sc
> [ crit 
> mgr ] Compiled without support for capabilities, no way to run 
> capabilities
> [ info mgr ] Process groupid 115
> [ info mgr ] Process 
> userid 110
> 
> 
> But two days have passed and i've received no report..What 
> i've missing??
> 
> Thank you so much!
> 
> 
> 
> 
> -------------------------------------------------------------------------
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> _______________________________________________
> Nepenthes-devel mailing list
> Nepenthes-devel@...
> https://lists.sourceforge.net/lists/listinfo/nepenthes-devel