Imspector 0.7



  • I want to request how much would it cost if anybody could implement the newest version of Imspector into pfsense, or supply us an update script???

    Here you can find the source code (it seems to be easy to make it working for pfsense).
    http://www.imspector.org/
    http://www.imspector.org/downloads/imspector-0.7.tar.gz





  • Is there still any interest in this bounty?  I spent some time tonight updating the package to 0.8.  It appears to work, I've done nothing to update it's capabilities and I haven't yet pushed it to the package server (there are some new pre-reqs, iconv and perl - perl is a prereq for iconv - and I haven't decided how to address this yet).

    –Bill



  • thats very nice billm.

    If you need a tester, i can do that.

    please tell us how many hours you have spent on that.



  • Great work bill!

    It seems the latest version of msn does has some kind of security, the chat logs are not being logged with the current imspector version :(

    edit : Actually it does seem to log, but not using the contact names anymore, it displays weird strings : {90ef587c-b7cb-4110-9b5a-db95dd1c2339} and groupchat. I hope the latest package/build solves this problem.



  • @funnyfrish:

    thats very nice billm.

    If you need a tester, i can do that.

    please tell us how many hours you have spent on that.

    It's been a couple hours already.  I expect it'll be a couple more - I'd like to get all the protocols added and I need to confirm the mysql logging - I suspect my package doesn't do it (and I'm not convinced that the existing one does either - even though the config screen is there for it).

    –Bill



  • thats right. I also couldn't get the database function work. The most important function is that IMSpector
    records the protocols (especially jabber/googletalk, MSN, ICQ, AIM)



  • @funnyfrish:

    I want to request how much would it cost if anybody could implement the newest version of Imspector into pfsense, or supply us an update script???

    billm has stated that he has spent a couple of hours on this already and will need a couple hours more to clean it up. Assuming a couple hours means 2-3 hours the time that will be spent on this is 4-6 hours. Developers in the US often charge 100 or more per hour this puts the fair price of this bounty at $400-600 dollars. If you cannot pony up that much then at least contribute what you can and perhaps others will also contribute. funnyfrish: you are under greater obligation since you started the bounty to at least contribute something.



  • thats right mcrane!

    Im contributing 25€ to his paypal account. Please send a PM to billm and he will let you know on which account you
    can transfer the donation.

    Im confidental that it is worth.

    Again thank you for your effort!



  • Thanks to funnyfrish - donation received.

    For the record, yes, it was about 2 hours last night getting imspector 0.8 to compile inside the FreeBSD ports foundation, testing, and fixing some of the pfSense package info for imspector (already committed).  I expect another 2-3 hours trying to work around needing iconv and perl and fixing up the pfSense package to accommodate the newer features in imspector.  MySQL will be a different effort I'm afraid, I'm not convinced I want to support it - sqlite is under consideration as it's needed for the message injection feature, which I would like to see.  Look for the basic update to 0.8 by this weekend, database functionality needs more thought and may or may not make it in.

    –Bill



  • OK, the easy way to test this package out while I'm still working on it is to install 0.5 from the pfSense package manager.  Then drop to the shell and:
    pkill imspector
    pkg_delete imspector-0.5
    pkg_add -r http://www.ucsecurity.com/downloads/imspector-0.8.tbz

    This will add perl also

    pkg_add -r iconv

    Save settings in the imspector services menu.  You should be good to go.  More changes coming, but that'll get you started and able to test.

    –Bill



  • @billm:

    OK, the easy way to test this package out while I'm still working on it is to install 0.5 from the pfSense package manager.  Then drop to the shell and:
    pkill imspector
    pkg_delete imspector-0.5
    pkg_add -r http://www.ucsecurity.com/downloads/imspector-0.8.tbz

    This will add perl also

    pkg_add -r iconv

    Save settings in the imspector services menu.  You should be good to go.  More changes coming, but that'll get you started and able to test.

    –Bill

    Disregard…you should be able to install 0.8 from the packages menu now.

    --Bill



  • Bill,

    I just installed 0.8 onto a 1.2.2-release box.  The interface looks great, but so far its either not capturing discussions or not logging them.  I can't tell which.  I haven't played with this software before so anything I can do to help you test this?



  • I had 0.4 on previously and am not convinced its upgrading correctly… Ive tried an uninstall and reinstall any other ideas? Should there be any changes in the interface, I cant see any of the new protocol options...

    Rich



  • @olof:

    I had 0.4 on previously and am not convinced its upgrading correctly… Ive tried an uninstall and reinstall any other ideas? Should there be any changes in the interface, I cant see any of the new protocol options...

    Rich

    That's probably because there aren't any new options yet.  This is purely an upgrade at this time.  It turned out easier than I expected to roll out a new package, so I did that last night to make it easier for people to test and make sure it hadn't broken anything.  It's also the reason I have a build number on the package - I expect to add more to it shortly and will split the package into 1.2.x and 2.0 versions as I'd like to take advantage of the SSL features, but I'm not willing to put those into the 1.2.x package versions (no Certificate Authority in 1.2.x).

    –Bill



  • @submicron:

    Bill,

    I just installed 0.8 onto a 1.2.2-release box.  The interface looks great, but so far its either not capturing discussions or not logging them.  I can't tell which.  I haven't played with this software before so anything I can do to help you test this?

    It transparently redirects the connections, it's not a BPF listener.  You'll need to reconnect for it to see stuff - there's actually some annoyances there that I want to look into (changing settings drops all in flight IM sessions).  Interface isn't mine, the package was originally created by ryan wagoner, I'm just updating it and working on adding the new functionality.

    –Bill



  • Ahh, that makes sense.  Sure enough, I reconnected and it seems to be doing the right thing.  I'll be happy to help test any of the functionality you want on this.  Thanks!



  • Billm,

    Is the plan to make other protocols available as well?  I think the latest IMSpector supports interception/logging of XMPP/Gtalk which might be new as of version 0.8?  What other modifications were you planning on making to this package, if any?



  • @submicron:

    Billm,

    Is the plan to make other protocols available as well?  I think the latest IMSpector supports interception/logging of XMPP/Gtalk which might be new as of version 0.8?  What other modifications were you planning on making to this package, if any?

    http://forum.pfsense.org/index.php/topic,12792.msg75195.html#msg75195



  • See http://forum.pfsense.org/index.php/topic,14313.0.html for the lastest updates for this package.  Also, any other donations would be greatly appreciated.

    –Bill



  • I'm considering this bounty complete and closable unless there are any issues with that funnyfrish?

    –Bill


Locked