PaulDotCom mailing list archives
wall of sheep software
From: dninja at gmail.com (Robin Wood)
Date: Fri, 18 Sep 2009 23:41:55 +0100
I've downloaded NetWitness and will give it a look through but I was more after something more like a script that would just run through and pull out incriminating information. Adrians script looks good but that is parsing ettercap output which I haven't got. I've just had a play with ngrep and got some POP3 details out so I might try scripting that. Robin 2009/9/18 Chris Bentley <chris.bentley at sky.com>:
You could always try splitting the pcap file, only problem being missing some interaction when analysing the files. http://www.ethereal.com/lists/ethereal-users/200511/msg00253.html 2009/9/18 Robert Miller <arch3angel at gmail.com>This will not make the "Wall of Shame" for you but for mining a cap file this is useful, however the free version has a 2gb capture limit http://www.netwitness.com/products/investigator.aspx This software helped me locate a bot running crazy on a satellite network really fast, just wish the company would buy ?the full version. Robin Wood wrote:Hi I've got a large pcap from BruCON and would like to run it through some wall of sheep type software to see what was happening. Can anyone recommend anything? I know that I can get it with manual tcpdump/ngrep type hacking but looking for anything that does it automatically. And before people ask, I'm not planning to release either the pcaps or any data I find in them. Robin _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- wall of sheep software Robin Wood (Sep 18)
- wall of sheep software Adrian Crenshaw (Sep 18)
- wall of sheep software Tim Mugherini (Sep 18)
- wall of sheep software Albert R. Campa (Sep 18)
- wall of sheep software Chris Bentley (Sep 18)
- wall of sheep software Chris Bentley (Sep 18)
- wall of sheep software Nick Baronian (Sep 18)
- wall of sheep software Adrian Crenshaw (Sep 18)
- wall of sheep software Robert Miller (Sep 18)
- wall of sheep software Chris Bentley (Sep 18)
- wall of sheep software Robin Wood (Sep 18)
- wall of sheep software Chris Bentley (Sep 18)
- wall of sheep software PJ McGarvey (Sep 18)
- wall of sheep software John Strand (Sep 18)
- <Possible follow-ups>
- wall of sheep software infolookup at gmail.com (Sep 18)
- wall of sheep software James Mattson (Sep 18)
- wall of sheep software Ben Greenfield (Sep 21)
- wall of sheep software Will Metcalf (Sep 21)
- wall of sheep software Ben Greenfield (Sep 21)
- wall of sheep software Adrian Crenshaw (Sep 18)