Re: pcap anonymizer

[Michael Richardson <mcr () sandelman ca>]

> > > > > "Aaron" == Aaron Turner <synfinatic () gmail com> writes:
    Aaron> On Fri, Apr 29, 2011 at 12:20 AM, Andrej van der Zee
    Aaron> <andrejvanderzee () gmail com> wrote:
    >> With tcprewrite you can change ips too. Not sure if it updates
    >> checksums though...  Andrej

    Aaron> Yes, tcprewrite updates the relevant checksums for all edits.
    Aaron> It will also edit MAC addresses in case you care that someone
    Aaron> can figure out what vendor's hardware you're using.

    Aaron> One thing people need to think about when writing these kind
    Aaron> of tools is how many protocols expose host identities.  HTTP,
    Aaron> SMTP, FTP, almost every Microsoft protocol, etc.  Some are
    Aaron> *usually* just host names (HTTP Host Header for example),

So, I care mostly about IP addresses in the tests/ directory.
I'd like to make it easier for people to submit test cases.

-- 
]       He who is tired of Weird Al is tired of life!           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr () sandelman ottawa on ca http://www.sandelman.ottawa.on.ca/ |device driver[
   Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
                       then sign the petition. 
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.