Wireshark mailing list archives
Re: Anonymising PCAP files with Wireshark?
From: Chris Maynard <Chris.Maynard () gtech com>
Date: Wed, 25 Jan 2012 15:11:17 +0000 (UTC)
Grégoire, André <Andre.Gregoire@...> writes:
What is the best way to anonymize pcap files? Mainly substitute a real IP
address and mac address for a fake one.
There seems to be a lot of scripts out there that change one or the other but
I am looking if something is generally accepted as best practice or tried tested and true by this community. I don't know of "the best way" nor do I know which might be considered "best practice", but here are a couple of links to some tools and information that might help you decide what to use: http://sharkfest.wireshark.org/sharkfest.11/presentations/A-11_Bongertz-Trace_File_Anonymization.pdf http://ask.wireshark.org/questions/844/utility-to-anonymize-capture-files http://comments.gmane.org/gmane.network.tcpdump.devel/5106 http://wiki.wireshark.org/Tools - Chris ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Anonymising PCAP files with Wireshark? Grégoire , André (Jan 25)
- Re: Anonymising PCAP files with Wireshark? Chris Maynard (Jan 25)
- Re: Anonymising PCAP files with Wireshark? Kevin Cullimore (Jan 25)