tcpdump mailing list archives
Re: reconstruct HTTP requests in custom sniffer
From: Andrej van der Zee <andrejvanderzee () gmail com>
Date: Sat, 8 Jan 2011 16:42:40 +0900
Hi Cedric,
Looks very similar to : http://github.com/securactive/junkie
Is the intention of junkie to follow TCP streams and reassemble complete HTTP requests/responses from the packets? How far is this implemented?
if you can live with the AGPL, maybe we could join forces ?
At first sight it sounds tempting, as I have no intention to re-invent the wheel again. Though, the project "libnids" already seems to follow TCP streams and fully re-assemble HTTP requests/responses. Though, in some of our side-projects we need to follow TCP streams with truncated packets and libnids is not designed for this. It would be nice to use one solution for all our projects, and maybe junkie could solve this. Cheers, Andrej - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Re: reconstruct HTTP requests in custom sniffer Cedric Cellier (Jan 07)
- Re: reconstruct HTTP requests in custom sniffer Andrej van der Zee (Jan 07)
- Re: reconstruct HTTP requests in custom sniffer rixed (Jan 08)
- Re: reconstruct HTTP requests in custom sniffer Andrej van der Zee (Jan 08)
- Re: reconstruct HTTP requests in custom sniffer Cedric Cellier (Jan 10)
- Re: reconstruct HTTP requests in custom sniffer Andrej van der Zee (Jan 10)
- Re: reconstruct HTTP requests in custom sniffer rixed (Jan 08)
- Re: reconstruct HTTP requests in custom sniffer Andrej van der Zee (Jan 07)