Sorry Robin, didn't really read the email properly NetWitness is used more for analysis Adrian's solution looks pretty good.
2009/9/18 Chris Bentley <[email protected]> > You could also try the free version of NetWitness > http://www.netwitness.com/products/investigator.aspx > > > 2009/9/18 Adrian Crenshaw <[email protected]> > > Free free to modify this: >> >> http://www.irongeek.com/i.php?page=security/wallofshame >> >> Since this is an after the fact analysis, look into using NetworkMiner, >> Ettercap and Cain. >> >> Adrian >> >> >> >> On Fri, Sep 18, 2009 at 9:49 AM, Robin Wood <[email protected]> wrote: >> >>> Hi >>> I've got a large pcap from BruCON and would like to run it through >>> some wall of sheep type software to see what was happening. Can anyone >>> recommend anything? >>> >>> I know that I can get it with manual tcpdump/ngrep type hacking but >>> looking for anything that does it automatically. >>> >>> And before people ask, I'm not planning to release either the pcaps or >>> any data I find in them. >>> >>> Robin >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
