Skip to content
Pull request Compare This branch is even with gamelinux:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
..
Failed to load latest commit information.
INSTALL
README
cron.txt
webgui.txt

README

# Full Packet Capture GUI
#########################

FPCGUI is a frontend to handle packet captures.
Its aim is for Network Security Monitoring who wants to
have a non-commersial cheap storrage for doing Network Forensics.

It uses daemonlogger (A great packet capture daemon by Martin Roesch)
and cxtracker or sancp for connection profiling.

daemonlogger is responsable for dumping pcaps to disk.
cxtracker/sancp indexes connections, making them searchable.
(fpc-session-loader.pl stores data in mysql)
	(apache + php is used for gui)


Carving:
/usr/sbin/tcpdump -r /nsm_data/hostname/dailylogs/2009-09-09/snort.log.1251338461 -w /tmp/80.30.200.100:56640_74.50.87.122:80-6.raw host 74.50.87.122 and host 80.30.200.100 and port 80 and port 56640 and proto 6


Some notes for the future:
*  Extraction of files
*  Indexing of files for types of files flying over the network
   studdy the network and add meta data about files (from streams it sees them in) to DB
*  Load list of "bad IPs" and see if there has been any traffic with them...

Something went wrong with that request. Please try again.