Packet Capturing

From Hack Sphere Labs Wiki
Revision as of 05:34, 2 July 2012 by Webdawg (talk | contribs) (Intrusion Analysis)


Wireshark

I had a dump file from pfSense I tried to open in Windows and Wireshark ran out of memory. I have opened multi-gig capture files in Linux with no problem.

It looks like I will have to find a different solution to analyze these logs.

Intrusion Analysis

A lot of the analysis tools that are on the Wireshark site are not free and therefore suck. The Wireshark site does have a lot of links to free utils though. Right now I am looking for something to open this file up in Windows though...

A lot of these guys offer VMs. I bet you they can be cracked. Source code?

Command 5 SIGMA

A great command line tool that will parse cap files and throw them into a SQL database.
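The "parse cap files and throw them into a SQL database" approach is also the way around the out-of-memory problem mentioned under Wireshark above: a streaming reader only ever holds one record in memory, no matter how many gigabytes the capture is. The following is an added example written for this page, not Command 5 SIGMA's code or any code from the pfSense or Wireshark projects. It reads the classic libpcap file format (24-byte global header, then a 16-byte header plus captured bytes per record; the microsecond-timestamp magic only, not the nanosecond variant) one record at a time, pulls out IPv4 source, destination and protocol from Ethernet frames, and inserts the summaries into SQLite. The table layout, the function names and the two-packet sample capture (one IPv4/UDP frame, one ARP frame, built with `build_sample_pcap`) are all constructed for the example.

```python
import io
import sqlite3
import struct
from typing import BinaryIO, Iterator, Optional, Tuple

LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
MAGIC_LE = 0xA1B2C3D4  # libpcap magic as read with "<I" from a little-endian file


def iter_records(fp: BinaryIO) -> Iterator[Tuple[float, int, int, bytes]]:
    """Yield (timestamp, original_length, linktype, captured_bytes) one record at a time,
    so a multi-gigabyte capture is never loaded into memory as a whole."""
    raw = fp.read(24)
    if len(raw) < 24:
        raise ValueError("truncated pcap global header")
    (magic,) = struct.unpack("<I", raw[:4])
    endian = "<" if magic == MAGIC_LE else ">"
    if endian == ">" and struct.unpack(">I", raw[:4])[0] != MAGIC_LE:
        raise ValueError("not a libpcap file (bad magic)")
    linktype = struct.unpack(endian + "IHHiIII", raw)[6]
    rec_hdr = struct.Struct(endian + "IIII")  # ts_sec, ts_usec, incl_len, orig_len
    while True:
        hdr = fp.read(rec_hdr.size)
        if not hdr:
            return  # clean end of file
        if len(hdr) < rec_hdr.size:
            raise ValueError("truncated record header")
        ts_sec, ts_usec, incl_len, orig_len = rec_hdr.unpack(hdr)
        data = fp.read(incl_len)
        if len(data) < incl_len:
            raise ValueError("truncated record data")
        yield ts_sec + ts_usec / 1e6, orig_len, linktype, data


def summarise(linktype: int, data: bytes) -> Tuple[Optional[str], Optional[str], Optional[int]]:
    """Return (src, dst, protocol) for an IPv4-over-Ethernet frame, (None, None, None) otherwise."""
    if linktype != LINKTYPE_ETHERNET or len(data) < 14:
        return None, None, None
    ethertype = struct.unpack("!H", data[12:14])[0]
    if ethertype != ETHERTYPE_IPV4 or len(data) < 34:
        return None, None, None
    ip = data[14:]
    if ip[0] >> 4 != 4:
        return None, None, None
    src = ".".join(str(b) for b in ip[12:16])
    dst = ".".join(str(b) for b in ip[16:20])
    return src, dst, ip[9]


def load_pcap(fp: BinaryIO, conn: sqlite3.Connection) -> int:
    """Stream every record into the packets table; returns the row count afterwards."""
    conn.execute(
        "CREATE TABLE IF NOT EXISTS packets "
        "(ts REAL, orig_len INTEGER, src TEXT, dst TEXT, proto INTEGER)"
    )
    # A generator feeds executemany, so rows are produced and inserted incrementally.
    rows = ((ts, orig_len, *summarise(lt, data)) for ts, orig_len, lt, data in iter_records(fp))
    conn.executemany("INSERT INTO packets VALUES (?, ?, ?, ?, ?)", rows)
    conn.commit()
    return conn.execute("SELECT COUNT(*) FROM packets").fetchone()[0]


def build_sample_pcap() -> bytes:
    """Constructed two-record capture (not a real dump): one IPv4/UDP frame and one ARP frame."""
    def ipv4_udp(src: bytes, dst: bytes) -> bytes:
        payload = b"query"
        udp = struct.pack("!HHHH", 40000, 53, 8 + len(payload), 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, 17, 0, src, dst) + udp
        return b"\x00" * 6 + b"\x02" * 6 + struct.pack("!H", ETHERTYPE_IPV4) + ip

    arp = b"\x00" * 6 + b"\x02" * 6 + struct.pack("!H", 0x0806) + b"\x00" * 28
    frames = [
        (1341207240, 100, ipv4_udp(bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))),
        (1341207240, 200, arp),
    ]
    out = struct.pack("<IHHiIII", MAGIC_LE, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for sec, usec, frame in frames:
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out


def demo():
    """Load the sample capture into an in-memory database and return (count, rows)."""
    conn = sqlite3.connect(":memory:")
    total = load_pcap(io.BytesIO(build_sample_pcap()), conn)
    rows = conn.execute("SELECT src, dst, proto FROM packets ORDER BY ts").fetchall()
    return total, rows


if __name__ == "__main__":
    print(demo())
```

For a real file, replace the `io.BytesIO` with `open(path, "rb")` and an on-disk database; once the rows are in SQLite, questions like "which hosts talked to which" become `GROUP BY src, dst` queries instead of a GUI that has to hold the whole capture in RAM.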