-
Notifications
You must be signed in to change notification settings - Fork 411
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CAPE not sniffing the new interface set in Auxiliary conf #2085
Comments
Did you restart cape.service after modify the config? |
I restarted the service and the machine with no luck. |
did you set the interface in kvm.conf? https://github.com/kevoreilly/CAPEv2/blob/master/modules/auxiliary/sniffer.py#L58 |
well on physical, sniffing is useless as it cant sniff remote machine traffic |
No worries. The network analysis can be done manually. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is open source and you are getting free support so be friendly!
Prerequisites
Please answer the following questions for yourself before submitting an issue.
Expected Behavior
I set a different interface in auxilary.conf for CAPE to run TCPDump on to sniff traffic. It should sniff the new interface since i did not see any references in the docs on anywhere else I needed to configure anything else.
Current Behavior
CAPE is not sniffing traffic off the new interface I set in auxiliary.conf.
Steps to Reproduce
Context
I have a fully physical CAPE setup. I tried cating and grepping all the files in /opt/CAPEV2 to see where the tcpdump command is run so I could hard code in my new interface but, I didn't see any hits related to that. I can manually run TCPDump on the new interface and it works with no issues.
New NIC in auxiliary.conf set above.
Picture above is CAPE telling TCPDump to sniff the old interface even through it is no longer configured in auxiliary.conf.
Thanks for the help
The text was updated successfully, but these errors were encountered: