|
Penetration Testing
mailing list archives
Extracting information about streams from pcap
From: David <lists () edeca net>
Date: Sat, 30 Jun 2007 12:57:40 +0100
Hi,
I have a large pcap file that I would like to extract overview
stream/packet information from. I would like data about TCP, UDP and
ICMP in the following format:
src_ip, dst_ip, src_port, dst_port, protocol, packets, time
(obviously some fields aren't relevant for some protocols)
I have seen a number of tools but many seem to be based around TCP
streams only. I have no problem wrapping awk around a program to
generate the right output, but a C/Python library might be more help.
Any ideas?
David
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Swap Out your SPI or Watchfire app sec solution for
Cenzic's robust, accurate risk assessment and management
solution FREE - limited Time Offer
http://www.cenzic.com/wf-spi
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- Extracting information about streams from pcap David (Jun 30)
|
Intro
