From: David (lists@edeca.net)
Date: Sat Jun 30 2007 - 07:57:40 EDT
Hi,
I have a large pcap file that I would like to extract overview
stream/packet information from. I would like data about TCP, UDP and
ICMP in the following format:
src_ip, dst_ip, src_port, dst_port, protocol, packets, time
(obviously some fields aren't relevant for some protocols)
I have seen a number of tools but many seem to be based around TCP
streams only. I have no problem wrapping awk around a program to
generate the right output, but a C/Python library might be more help.
Any ideas?
David
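An added example, not part of David's post: a standard-library Python sketch that produces the requested per-flow rows for TCP, UDP and ICMP. It assumes a classic (non-pcapng) capture with Ethernet framing and IPv4, treats "time" as the seconds between a flow's first and last packet, and the names `flows`, `_frame` and `sample_pcap` are hypothetical.

```python
import socket
import struct
PROTOS = {1: "ICMP", 6: "TCP", 17: "UDP"}

def flows(pcap):
    """Return (src_ip, dst_ip, src_port, dst_port, protocol, packets, time) rows."""
    # The magic number, read little-endian, tells us the file's byte order.
    end = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(struct.unpack("<I", pcap[:4])[0])
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected classic pcap with Ethernet linktype")
    table, off = {}, 24
    while off + 16 <= len(pcap):
        sec, usec, caplen, _ = struct.unpack(end + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        # Skip short captures and anything that is not IPv4 over Ethernet.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
        if proto not in PROTOS or ihl < 20:
            continue
        src, dst = (socket.inet_ntoa(frame[a:a + 4]) for a in (26, 30))
        l4 = frame[14 + ihl:]
        # Ports exist only for TCP/UDP, and only in the first fragment.
        sport = dport = ""
        if proto != 1 and len(l4) >= 4 and not struct.unpack("!H", frame[20:22])[0] & 0x1FFF:
            sport, dport = struct.unpack("!HH", l4[:4])
        key = (src, dst, sport, dport, PROTOS[proto])
        ts = sec + usec / 1e6
        first, _, count = table.get(key, (ts, ts, 0))
        table[key] = (first, ts, count + 1)
    return [k + (n, round(last - first, 6)) for k, (first, last, n) in table.items()]

def _frame(proto, src, dst, l4):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4

def sample_pcap():
    # Constructed capture (zeroed MACs and checksums): two UDP packets, one ICMP echo.
    udp = _frame(17, "10.0.0.1", "10.0.0.2", struct.pack("!HHHH", 5353, 53, 8, 0))
    icmp = _frame(1, "10.0.0.2", "10.0.0.1", b"\x08\x00" + b"\x00" * 6)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, f in ((100, udp), (101, icmp), (103, udp)):
        out += struct.pack("<IIII", ts, 500000, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print("\n".join(",".join(map(str, r)) for r in flows(sample_pcap())))
```

Rows are keyed per direction, so a request and its reply appear as two flows; port fields are left empty for ICMP and for non-first IP fragments.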
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:55 EDT