I’m happy to announce the release of the next version of NSM-Console, version 0.6. If you are unfamiliar with NSM-Console, here’s the synopsis from the project page: NSM-Console (Network Security Monitoring Console) is a framework for performing analysis on packet capture files. It implements a modular structure to allow for an analyst to quickly write […]
You can never have too many tools for pcap visualization. Flowtime is a script written in Ruby that produces a timeline of the network flows in a pcap file. Everything is better with a picture, so here’s a picture (warning: this picture is 3000×2000 pixels, kind of large). Each bar on the left is a […]
Well, it has barely been any length of time and there’s already a new release of NSM-Console; there are so many features that I’ve been coding like crazy to get them all done. First, let’s start with the downloading: http://writequit.org/projects/nsm-console/files/nsm-console-0.4.tar.gz And, for anyone interested, here’s a rundown of the most notable new features: Additional encoding/decoding […]
In my never-ending quest to find justification for writing NSM-Console, I hereby present the following tutorial on how to decode the SANS Christmas packet challenge using nothing but NSM-Console: I’m going to be using NSM-Console version 0.4-DEVEL, which adds the features that allow this analysis to be performed without external tools. You can get the […]