Penetration Testing mailing list archives
Re: Extracting information about streams from pcap
From: Jim Clausing <clausing () computer org>
Date: Sun, 1 Jul 2007 22:52:23 -0400 (EDT)
http://ipaudit.sourceforge.net -- Jim Clausing On or about Sat, 30 Jun 2007, David pontificated thusly:
Hi, I have a large pcap file that I would like to extract overview stream/packet information from. I would like data about TCP, UDP and ICMP in the following format: src_ip, dst_ip, src_port, dst_port, protocol, packets, time (obviously some fields aren't relevant for some protocols) I have seen a number of tools but many seem to be based around TCP streams only. I have no problem wrapping awk around a program to generate the right output, but a C/Python library might be more help. Any ideas? David ------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------
Current thread:
- Re: Extracting information about streams from pcap Jim Clausing (Jul 01)
- RE: Extracting information about streams from pcap Srinivasan Vairavan-a22691 (Jul 02)