Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Analyzing .pcap files

Status
Not open for further replies.
akiba201

akiba201

Programmer
Nov 7, 2005
30
CA
Hi,

Does anyone one has a suggestion on tools that I can use for analyzing pcap (captured traffic)files ?

I am currently using Wireshark (higher version of Etherial) but I need to actually extract some files from tha pcap file.

I will appreaciate knowing any Windows based tools though Unix based are fine too.
 
Sort by date Sort by votes
Wireshark is definitely what I would recommend. You should be able to use the "Follow Stream" functionality to separate out a stream. Some minor hex editing with a tool like WinHex should get you back to the file in short order.

Do you need to extract a large number of files? You could probably use something like PERL and the Net classes to automate the extraction. I'm pretty sure that Net::pCAP will allow you to extract packets in a reasonable format.


pansophic
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

alex1002
  • Locked
  • Question
Sonicwall SSLVPN very slow Throughput accessing network files
Replies
1
Views
152
alex1002
alex1002
yesti
  • Locked
  • Question
Script to update MAV definition files
Replies
5
Views
110
yesti
yesti
Frink
  • Locked
  • Question
Script to Encrypt Zip files 1
Replies
7
Views
74
kjv1611
kjv1611
BarracudaFist
  • Locked
  • Question
SonicWall v6 thumbprint files large
Replies
0
Views
27
BarracudaFist
BarracudaFist
kunz12
  • Locked
  • Question
Openining files over VPN is slowwww...
Replies
1
Views
31
brianinms
brianinms

Part and Inventory Search

Sponsor

Back
Top