You could always try splitting the pcap file, only problem being missing some interaction when analysing the files. http://www.ethereal.com/lists/ethereal-users/200511/msg00253.html
2009/9/18 Robert Miller <[email protected]> > This will not make the "Wall of Shame" for you but for mining a cap file > this is useful, however the free version has a 2gb capture limit > > http://www.netwitness.com/products/investigator.aspx > > This software helped me locate a bot running crazy on a satellite > network really fast, just wish the company would buy the full version. > > Robin Wood wrote: > > Hi > > I've got a large pcap from BruCON and would like to run it through > > some wall of sheep type software to see what was happening. Can anyone > > recommend anything? > > > > I know that I can get it with manual tcpdump/ngrep type hacking but > > looking for anything that does it automatically. > > > > And before people ask, I'm not planning to release either the pcaps or > > any data I find in them. > > > > Robin > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > > > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
