Wireshark · Wireshark-users: [Wireshark-users] Collaborative Network Forensics

Wireshark-users: [Wireshark-users] Collaborative Network Forensics

Date: Sun, 23 Aug 2009 15:25:20 -0700

Ever had to deal with multi-gig pcaps and wondered if there was a
faster, better, interactive way to see the packets, search for them
and extract slices?

We took the recently published ITOC dataset and the CCTF captures from
the Shmoo group, indexed them using Wireshark and a few other
technologies to enable contextual search and instant access to
packets, not to mention HN/Twitter-style one-liners attached to
packets and searches for a community oriented forensics application.

With over 15.0 GBytes and 26.3 million packets, this now represents
the largest collection of indexed pcaps online.

Read the blog: http://bit.ly/12I62D
And the application: http://www.pcapr.net/forensics

Thanks,
The Pcapr Team
http://www.pcapr.net/
http://labs.mudynamics.com/
http://twitter.com/pcapr

Prev by Date: Re: [Wireshark-users] Analyzing a "broken" FTP session
Next by Date: [Wireshark-users] why SACK field duplicates TSN/number of duplicates is not taken into consideration for SCTP retransmissions?
Previous by thread: Re: [Wireshark-users] Unexpected/Strange behavior of my wireless network adapter
Next by thread: [Wireshark-users] why SACK field duplicates TSN/number of duplicates is not taken into consideration for SCTP retransmissions?
Index(es):
- Date
- Thread