HackDig : Dig high-quality web security articles for hacker


[SANS ISC] The easy way to analyze huge amounts of PCAP data

2017-09-28 08:00

I published the following diary on isc.sans.org: “The easy way to analyze huge amounts of PCAP data”.

When you are investigating a security incident, chances are that, at a certain point, you will have to dive into network traffic analysis. If you’re lucky, you’ll have access to a network capture. Approximately one year ago, I wrote a quick diary to explain how to implement a simple FPC or “Full Packet Capture” solution based on a Docker container. It’s nice to capture all the traffic in PCAP files but then? PCAP files are not convenient to process and they consume a lot of disk space (depending on the captured traffic of course)…

[The post [SANS ISC] The easy way to analyze huge amounts of PCAP data has been first published on /dev/random]


Source: blog.rootshell.be/2017/09/28/sans-isc-easy-way-analyze-huge-amounts-pcap-data/
