pfSense Gold Subscription

Author Topic: Imspector 0.7  (Read 22166 times)

0 Members and 1 Guest are viewing this topic.

Offline funnyfrish

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Imspector 0.7
« on: November 24, 2008, 03:35:18 pm »
I want to request how much would it cost if anybody could implement the newest version of Imspector into pfsense, or supply us an update script???

Here you can find the source code (it seems to be easy to make it working for pfsense).
http://www.imspector.org/
http://www.imspector.org/downloads/imspector-0.7.tar.gz

Offline Slam

  • Sr. Member
  • ****
  • Posts: 302
  • Karma: +1/-0
    • View Profile

Offline billm

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +1/-1
    • View Profile
    • UCSecurity - Technology discovery and ramblings
Re: Imspector 0.7
« Reply #2 on: February 08, 2009, 10:30:38 pm »
Is there still any interest in this bounty?  I spent some time tonight updating the package to 0.8.  It appears to work, I've done nothing to update it's capabilities and I haven't yet pushed it to the package server (there are some new pre-reqs, iconv and perl - perl is a prereq for iconv - and I haven't decided how to address this yet).

--Bill
pfSense core developer
blog - http://www.ucsecurity.com/
twitter - billmarquette

Offline funnyfrish

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: Imspector 0.7
« Reply #3 on: February 09, 2009, 03:07:06 am »
thats very nice billm.

If you need a tester, i can do that.

please tell us how many hours you have spent on that.

Offline AudiAddict

  • Full Member
  • ***
  • Posts: 201
  • Karma: +0/-0
    • View Profile
Re: Imspector 0.7
« Reply #4 on: February 09, 2009, 03:35:18 am »
Great work bill!

It seems the latest version of msn does has some kind of security, the chat logs are not being logged with the current imspector version :(

edit : Actually it does seem to log, but not using the contact names anymore, it displays weird strings : {90ef587c-b7cb-4110-9b5a-db95dd1c2339} and groupchat. I hope the latest package/build solves this problem.
« Last Edit: February 09, 2009, 03:38:20 am by AudiAddict »

Offline billm

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +1/-1
    • View Profile
    • UCSecurity - Technology discovery and ramblings
Re: Imspector 0.7
« Reply #5 on: February 09, 2009, 08:28:30 am »
thats very nice billm.

If you need a tester, i can do that.

please tell us how many hours you have spent on that.

It's been a couple hours already.  I expect it'll be a couple more - I'd like to get all the protocols added and I need to confirm the mysql logging - I suspect my package doesn't do it (and I'm not convinced that the existing one does either - even though the config screen is there for it).

--Bill
pfSense core developer
blog - http://www.ucsecurity.com/
twitter - billmarquette

Offline funnyfrish

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: Imspector 0.7
« Reply #6 on: February 09, 2009, 09:22:54 am »
thats right. I also couldn't get the database function work. The most important function is that IMSpector
records the protocols (especially jabber/googletalk, MSN, ICQ, AIM)


Offline mcrane

  • Sr. Member
  • ****
  • Posts: 495
  • Karma: +0/-0
    • View Profile
Re: Imspector 0.7
« Reply #7 on: February 09, 2009, 11:30:51 am »
I want to request how much would it cost if anybody could implement the newest version of Imspector into pfsense, or supply us an update script???

billm has stated that he has spent a couple of hours on this already and will need a couple hours more to clean it up. Assuming a couple hours means 2-3 hours the time that will be spent on this is 4-6 hours. Developers in the US often charge 100 or more per hour this puts the fair price of this bounty at $400-600 dollars. If you cannot pony up that much then at least contribute what you can and perhaps others will also contribute. funnyfrish: you are under greater obligation since you started the bounty to at least contribute something.

Offline funnyfrish

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: Imspector 0.7
« Reply #8 on: February 09, 2009, 04:20:30 pm »
thats right mcrane!

Im contributing 25 to his paypal account. Please send a PM to billm and he will let you know on which account you
can transfer the donation.

Im confidental that it is worth.

Again thank you for your effort!

Offline billm

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +1/-1
    • View Profile
    • UCSecurity - Technology discovery and ramblings
Re: Imspector 0.7
« Reply #9 on: February 09, 2009, 06:55:29 pm »
Thanks to funnyfrish - donation received.

For the record, yes, it was about 2 hours last night getting imspector 0.8 to compile inside the FreeBSD ports foundation, testing, and fixing some of the pfSense package info for imspector (already committed).  I expect another 2-3 hours trying to work around needing iconv and perl and fixing up the pfSense package to accommodate the newer features in imspector.  MySQL will be a different effort I'm afraid, I'm not convinced I want to support it - sqlite is under consideration as it's needed for the message injection feature, which I would like to see.  Look for the basic update to 0.8 by this weekend, database functionality needs more thought and may or may not make it in.

--Bill
pfSense core developer
blog - http://www.ucsecurity.com/
twitter - billmarquette

Offline billm

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +1/-1
    • View Profile
    • UCSecurity - Technology discovery and ramblings
Re: Imspector 0.7
« Reply #10 on: February 09, 2009, 11:33:50 pm »
OK, the easy way to test this package out while I'm still working on it is to install 0.5 from the pfSense package manager.  Then drop to the shell and:
pkill imspector
pkg_delete imspector-0.5
pkg_add -r http://www.ucsecurity.com/downloads/imspector-0.8.tbz
# This will add perl also
pkg_add -r iconv

Save settings in the imspector services menu.  You should be good to go.  More changes coming, but that'll get you started and able to test.

--Bill
pfSense core developer
blog - http://www.ucsecurity.com/
twitter - billmarquette

Offline billm

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +1/-1
    • View Profile
    • UCSecurity - Technology discovery and ramblings
Re: Imspector 0.7
« Reply #11 on: February 10, 2009, 12:41:43 am »
OK, the easy way to test this package out while I'm still working on it is to install 0.5 from the pfSense package manager.  Then drop to the shell and:
pkill imspector
pkg_delete imspector-0.5
pkg_add -r http://www.ucsecurity.com/downloads/imspector-0.8.tbz
# This will add perl also
pkg_add -r iconv

Save settings in the imspector services menu.  You should be good to go.  More changes coming, but that'll get you started and able to test.

--Bill

Disregard...you should be able to install 0.8 from the packages menu now.

--Bill
pfSense core developer
blog - http://www.ucsecurity.com/
twitter - billmarquette

submicron

  • Guest
Re: Imspector 0.7
« Reply #12 on: February 10, 2009, 01:14:57 pm »
Bill,

I just installed 0.8 onto a 1.2.2-release box.  The interface looks great, but so far its either not capturing discussions or not logging them.  I can't tell which.  I haven't played with this software before so anything I can do to help you test this?

Offline olof

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Imspector 0.7
« Reply #13 on: February 10, 2009, 01:36:03 pm »
I had 0.4 on previously and am not convinced its upgrading correctly... Ive tried an uninstall and reinstall any other ideas? Should there be any changes in the interface, I cant see any of the new protocol options...

Rich

Offline billm

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +1/-1
    • View Profile
    • UCSecurity - Technology discovery and ramblings
Re: Imspector 0.7
« Reply #14 on: February 10, 2009, 02:19:51 pm »
I had 0.4 on previously and am not convinced its upgrading correctly... Ive tried an uninstall and reinstall any other ideas? Should there be any changes in the interface, I cant see any of the new protocol options...

Rich

That's probably because there aren't any new options yet.  This is _purely_ an upgrade at this time.  It turned out easier than I expected to roll out a new package, so I did that last night to make it easier for people to test and make sure it hadn't broken anything.  It's also the reason I have a build number on the package - I expect to add more to it shortly and will split the package into 1.2.x and 2.0 versions as I'd like to take advantage of the SSL features, but I'm not willing to put those into the 1.2.x package versions (no Certificate Authority in 1.2.x).

--Bill
pfSense core developer
blog - http://www.ucsecurity.com/
twitter - billmarquette