An alchemists view from the bar

Network Security Alchemy

Posts Tagged ‘pcap

Big OpenFPC release – 0.6

with 2 comments

Pushing forwards closer to a 1.0 release for OpenFPC, one of the major components has now been updated – The GUI.

To introduce this new release I’ve put together a short screen-cast of OpenFPC to show the installation, setup procedure, and a bit of general usage. So if you’re tasked with rolling together your own full packet capture/network traffic recorder/forensics system, perhaps you may want to take a look below.

 

For those who don’t want to sit through five minutes of video to see what the new GUI looks like, here are a few screenshots of the system in action.

Version 0.6 is now available at  http://code.google.com/p/openfpc/downloads/list . Expect a few bugs, and if you report them, Ill own the task of fixing them.

-Leon

Advertisements

Written by leonward

June 13, 2011 at 12:37 pm

Posted in OpenFPC, Security, snort, Uncategorized

Tagged with , , ,

OpenFPC Test Release

leave a comment »

The weekend has landed, and I have time to pull together some of the bits I need for an OpenFPC (Open Full Packet Capture) release, but I need your help.

I know there are bugs that still need squishing (Master-mode install script for example), but if you have time and are interested, please help me test out an alpha release. Go grab it from here (download the latest version number, it may change repeatedly over the next few days) and run the installer.

So far, I have only tested it on Ubuntu 10.4, the Redhat auto-dependency checking isn’t there yet but it should work on that platform if you have the required RPMs installed with a little tweaking.

So what are you waiting for!? Find problems, tell me where the install and setup falls down, and have some fun.

-Leon

Written by leonward

September 10, 2010 at 5:35 pm

Posted in OpenFPC, Security

Tagged with , ,

OpenFPC – An update: v0.2.97 available (woohoo!)

with 4 comments

It’s been a couple of months since I first posted about the OpenFPC project, so I thought it’s time that I provided a little update.

Firstly, I need to throw some karma over to Edward Fjellskål (http://gamelinux.org), so… Edward++.

Edward and I have merged the OpenFPC and FPCGUI projects, it makes way more sense to combine our efforts as our goals are similar while our approaches have been from different angles. We both see a need to unify all of the home-brew full-packet-capture/network forensics tools we see out there in the wild.

OpenFPC now has a new home, http://www.openfpc.org.  So, if you’re looking for a distributed wrapper for your daemonlogger instances, or if you’re still trying to get tcpdump to log in a ringbuffer and share access over multiple analysts, devices, and tools, head on over to www.openfpc.org to read all about it. Here are a couple of quick links for those who want to jump right in:

I’m looking for people to help test and provide feedback now so I can fix problems and tweak things ahead of a full release.

Good luck, and please let me know your feedback.

-Leon

Written by leonward

August 2, 2010 at 9:53 pm

Posted in OpenFPC, Security

Tagged with , , , , , , ,

Openpacket.org – example.com PCAP files

with 8 comments

I am in the process of uploading a load of pcap files to openpacket.org from my “example.com” collection. Because openpacket doesn’t provide an interface to include supporting data, below is network map that should help anyone who needs to use these pcaps. They were sniffed from a test network I built and should contain a good mix of systems and protocols.

Expect to see:

  • http
  • https
  • pop3
  • smtp
  • bittorrent
  • ldap
  • irc
  • msn
  • smb
  • dcerpc
  • ssh
Network Map - Example.com

Network Map - Example.com

While I fight with Openpcap’s upload limits, a complete archive of example.com can be found here.

-Leon

Written by leonward

April 10, 2009 at 12:50 pm

Posted in Uncategorized

Tagged with , ,