[127176] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: PCAP Sanitization Tool

daemon@ATHENA.MIT.EDU (Sebastian Castro)
Wed Jun 16 19:15:44 2010

Date: Thu, 17 Jun 2010 11:15:05 +1200
From: Sebastian Castro <sebastian@nzrs.net.nz>
CC: nanog@nanog.org
In-Reply-To: <EFBFF5360F0AA044AC59D2198E5EE4AA02D5BBEC@EXCHANGEBE.iso-ne.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Bein, Matthew wrote:
> Hello, 
> 
>  
> 
> Anyone know of a good tool for sanitizing PCAP files? I would like to
> keep as much of the payload as possible but remove src and dst ip
> information. 
> 

Would address anonymization work? Instead of removing src/dst ip, you
can zero them.

I've used CoralReef for that sort of things
(http://www.caida.org/tools/measurement/coralreef/)

Cheers!
-- 
Sebastian Castro
DNS Specialist
.nz Registry Services (New Zealand Domain Name Registry Limited)
desk: +64 4 495 2337
mobile: +64 21 400535


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[127176] in North American Network Operators' Group

Re: PCAP Sanitization Tool

daemon@ATHENA.MIT.EDU (Sebastian Castro)Wed Jun 16 19:15:44 2010

daemon@ATHENA.MIT.EDU (Sebastian Castro)
Wed Jun 16 19:15:44 2010