| To: | David <lists@edeca.net> |
|---|---|
| Subject: | Re: Extracting information about streams from pcap |
| From: | "crazy frog crazy frog" <i.m.crazy.frog@gmail.com> |
| Date: | Sat, 30 Jun 2007 21:11:14 +0530 |
| Cc: | pen-test@securityfocus.com |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=FwEWoa2MXZYccgU5x2G7FxoO5VFat7s92rX726gf+DfUq/Z164egqt/Y02t2tObegqLjp7PubupctHlWuPZj+D4f9ymepZnBp0T89rmn9wqkwi8sQgw0vXz8EVIafF+YsmPFU6A513OLK4ee6RTeNhPqpGrtOaEUHATBbPcqvtw= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=G5Fwhix8dBdwNwVtBylsKnIBLNSFjH9XGYD2w92bTS5jW2nzzUdD1JMdhJbwu4Esr6gB7TMIAEnf+UVLDyn+VKUlZV1NsRgNbPxfYPtJOY4mxg3Lq5Fmy75Htm2bDdjgreZUIqoPMJg/Orc4mK+Fq9V54s9OMWViXVsKcWxRPYc= |
| In-reply-to: | <46864534.2070601@edeca.net> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| References: | <46864534.2070601@edeca.net> |
| Resent-date: | Sat, 30 Jun 2007 09:32:20 -0600 (MDT) |
| Resent-from: | pen-test-return-1078484516@securityfocus.com |
| Resent-message-id: | <20070630153220.42C76237CE7@outgoing3.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
you can try tcpextract.allthough bit modification will be needed but it can do ur work. http://tcpxtract.sourceforge.net/ --------------------------------------- http://www.secgeeks.com get a blog on SecGeeks :) register here:- http://secgeeks.com/user/register rss feeds :- http://secgeeks.com/node/feed http://www.newskicks.com Submit and kick for new stories from all around the world. --------------------------------------- On 6/30/07, David <lists@edeca.net> wrote: Hi, I have a large pcap file that I would like to extract overview stream/packet information from. I would like data about TCP, UDP and ICMP in the following format: src_ip, dst_ip, src_port, dst_port, protocol, packets, time (obviously some fields aren't relevant for some protocols) I have seen a number of tools but many seem to be based around TCP streams only. I have no problem wrapping awk around a program to generate the right output, but a C/Python library might be more help. Any ideas? David ------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------ -- ------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Extracting information about streams from pcap, Harry Hoffman |
|---|---|
| Previous by Thread: | Re: Extracting information about streams from pcap, Harry Hoffman |
| Next by Thread: | Advanced Network Infrastructure Assessment Questions...., Joseph McCray |
| Indexes: | [Date] [Thread] [Top] [All Lists] |