Snort mailing list archives

Announce Unified2 Anonymiser v0.9.0b u2_anon


From: beenph <beenph () gmail com>
Date: Mon, 23 Jan 2012 04:53:20 -0500

Greetings everyone,

I am happy to announce the beta release of u2_anon.


u2_anon is a tool that allow you to "share" anonymized unified2 file
to help debug issue or share some result
        without compromising some information. u2_anon will not modify
the unified2 file/files used at source,
        but it will create a copy of the source unified2 with
anonimized data that can be shared.

I strongly suggest that you run u2_anon on files that are not
currently being written by snort, since
it will not "spool" unified2 file like barnyard2 or other unified2
reader can do.


u2_anon has 4 different level or anonymity level:

 [-eE:] [Anonymize Event]
     - Will set source and destination IP's of EVENT to ipv4 -
"127.0.0.1" , ipv6 "::ffff:127.0.0.1"

 [-lL:] [Anonimize LinkLayer (ethernet)]
     - Will set source mac to AA:AA:AA:AA:AA:AA and dst mac to BB:BB:BB:BB:BB:BB

 [-pP:] [Anonymize Packet data]
     - Will Zero out packet payload

 [-xX:] [Anonymize Extra DATA event]
     - Will set IP information to "loopback" and extra data "data"
will be zeroed.


u2_anon can work on single file or directory containing multiple files.

Note that u2_anon is still beta and a few feature will be added along the way,
if you have comment or suggestion or bug/issues, feel free to let me know.


You can download it directly from here https://github.com/binf/u2_anon/tags

Happy unified2 anonymization!

-Eric Lauzon

------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!


Current thread: