Over the last week or so a number of new tools have been release either for the first time or as updated versions:
- tcpreplay is now at version 3.4.0 with a number of significant bugfixes. This staple of packet analysis allows for the replay of captured pcap file back over network interfaces. Its a great way of having a repeatable test framework, or for explosing yout NIDS system to collected bad traffic.
- picviz 0.5 has been released. I blogged about this before and the project seems to be comming on nicely. Formy own purposes its not much use with my network telescope data, but does produce some pretty pictures for some other work Ive been doing of late. The new version comes with a bumber of new log parsers. A slide deck discussing its use as presented at USENIX 2008 is also available.
- pcapr is the new tool out and describes itself as “web 2.0 meets packets“, and “pcapr does to packets what flickr does to pictures”. If it performs as promised it could make life a lot easier maintinaing libraries of packet captures. The fact its a hosted service does have some distinct disadvantages. Currently there seems to be quote a lot of little snippets. An RSS feed of new content is also available. Another similar repository s that of openpacket.org
- libtrace while not a new tool as such, is somethign I’ve started workign with recentlyafter comming across it in Dean Pemberton’s MSc Thesis2007 on Internet Background Radiation Arrival Density and Network Telescope Sampling Strategies. The api looks pretty clean and it comes with a couple of nice demo tools which are actually useful. the URI syntax it uses for accessing files is a little strange but managable.
1 response so far ↓
1 Security Tools update | Static in the Ether | www.toolworld.ca // Feb 7, 2009 at 06:39
[...] more: Security Tools update | Static in the Ether Share and [...]
Leave a Comment