iPhone, meet Wireshark...

2010-10-10 Thread kowsik
If you wanted to see what the apps on your mobile device are up to (especially operators trying to understand the impact of mobile apps on their infrastructure), current instructions on the web involve jail-breaking, setting up access-points and hubs and what not. It's gotta be a lot simpler than

Visualizing Application Flows with xtractr

2010-10-01 Thread kowsik
One of the challenges of troubleshooting networks with packet captures is that you quickly lose the bigger picture with the volume of data. And static reports just don't do justice to the flurry of activity on networks. We just posted a video on visualizing application flows using xtractr. You can

Re: PCAP Sanitization Tool

2010-06-16 Thread kowsik
Log sanitation is a whole lot easier than packets. AFAIK, sanitizing pcaps is an intractable problem because of various kinds of encodings that exist within packets. Examples: - FTP IPv4 addresses are comma separated - DNS does label encoding of domain names (especially with pointers) - Forwarded

Announcing: Ruby API for xtractr

2010-03-17 Thread kowsik
What started off as a way to unit test the RESTful API for xtractr has now turned into a Ruby gem that we are releasing as open source. First xtractr, then nuggets and now a gem. We are happy to announce a Ruby gem for xtractr which takes all the goodness of Ruby and interacts RESTfully with

Re: anti-ddos test solutions ?

2010-03-17 Thread kowsik
http://labs.mudynamics.com/2009/04/10/ddos-testing-network-applications/ http://www.pcapr.net/dos YMMV, but mudos converts *any* IP packet into a DoS generator (it's free). K. --- http://www.pcapr.net http://labs.mudynamics.com http://twitter.com/pcapr On Wed, Mar 17, 2010 at 11:28 AM, Stefan

Announcing xtractr (on pcapr)

2010-02-22 Thread kowsik
We just released xtractr, a collaborative cloud app for indexing, searching, extracting and reporting on large pcaps. This thread on NANOG is one of the many use cases that xtractr attempts to solve: http://mailman.nanog.org/pipermail/nanog/2009-December/015661.html You can learn more about

Re: D/DoS mitigation hardware/software needed.

2010-01-04 Thread kowsik
If you want to recreate D/DoS from captures (for testing purposes) you might want to check out: http://www.pcapr.net/dos This lets you validate how your mitigation solutions are holding up. K. On Mon, Jan 4, 2010 at 1:19 PM, Rick Ernst na...@shreddedmail.com wrote: Looking for D/DoS