PCAP

New and Improved Pcap Utility

Submitted by TuxInvader on Sun, 08/30/2009 - 10:51

It's been three years since I wrote the first pcap-util perl script for splitting and searching pcap capture files, and now largley thanks to Damien Mascord of tusker.org we have an update. Prepare yourself to be amazed by the sequal: "Pcap Util 2, Attack of the Application Layer"

Tags:

Read more about New and Improved Pcap Utility
Log in to post comments

Utility for processing pcap dumps

Submitted by TuxInvader on Wed, 11/08/2006 - 17:05

tcpdump, ethereal, wireshark, snoop, etc all use the pcap file format for saving packet capture information. That means you can capture information from say OpenBSD PF and then analyse the data in wireshark. The only problem I find is that capture files can get huge and when that happens they are a real PITA to analyse.

Tags:

Read more about Utility for processing pcap dumps