Security Basics mailing list archives

Re: Classifying pcap data


From: David Schekaiban <david () codigoverde com>
Date: Thu, 3 Feb 2011 12:54:54 -0600

Try Xplico; its web interface lets you upload and analyze pcap files, acquiring images, chats, emails, etc.


--
David Schekaiban, CISA, CISM, CISSP, CEH, ECSA, LPT
Código Verde Seguridad Informática
Batallón de San Patricio 109
Valle Oriente
San Pedro, Nuevo León 
66260 MX
Phone: +52 (81) 8625 6560
Email: david () codigoverde com

Note: The information in this email is proprietary and confidential. This message is intended only for the named
recipient; if you are not that recipient, destroy it immediately. No information contained herein should be understood as
given or endorsed by Código Verde, its subsidiaries or its employees, unless expressly stated. It is the responsibility
of the recipient of this email to ensure that it is free of viruses; therefore neither Código Verde, its subsidiaries
nor its employees accept any responsibility.

On Jan 31, 2011, at 3:41 PM, Howard Howard wrote:

Hi List,

I am working on analyzing a large amount of pcap files.

I am trying to classify the captured data to
- find out the ratio of used internet protocols at application layer
(e.g. filesharing / chat / ssh)
- find out what kind of http traffic was happening

I am not too curious about the details of every packet but want to
know about the general usage.

To classify the web traffic I would like to correlate my pcaps with
maybe content filter blacklists.

Can you suggest tools to perform such tasks? Can you point me to
any more ways to analyze large amounts of traffic?

Many thanks in advance!

Howard
