CVS commit: wip/tcpxtract

To: pkgsrc-wip-cvs%lists.sourceforge.net@localhost
Subject: CVS commit: wip/tcpxtract
From: Thomas Klausner <thomasklausner%users.sourceforge.net@localhost>
Date: Sat, 04 Feb 2006 03:39:42 -0800 See http://spamassassin.org/tag/ for more details. Report problems to http://sf.net/tracker/?func=add&group_id=1&atid=200001 -2.8 ALL_TRUSTED Did not pass through any untrusted hosts

Module name:    wip
Committed by:   thomasklausner
Date:           Sat Feb  4 11:39:27 UTC 2006

Import into wip/tcpxtract

Log Message:
Initial import of tcpxtract-1.0.1:

tcpxtract is a tool for extracting files from network traffic based
on file signatures. Extracting files based on file type headers
and footers (sometimes called "carving") is an age old data recovery
technique. Tools like Foremost employ this technique to recover
files from arbitrary data streams. Tcpxtract uses this technique
specifically for the application of intercepting files transmitted
across a network. Other tools that fill a similar need are driftnet
and EtherPEG. driftnet and EtherPEG are tools for monitoring and
extracting graphic files on a network and is commonly used by
network administrators to police the internet activity of their
users. The major limitations of driftnet and EtherPEG is that they
only support three filetypes with no easy way of adding more. The
search technique they use is also not scalable and does not search
across packet boundries. tcpxtract features the following:

    * Supports 26 popular file formats out-of-the-box. New formats
      can be added by simply editing its config file.
    * With a quick conversion, you can use your old Foremost config
      file with tcpxtract.
    * Custom written search algorithm is lightning fast and very scalable.
    * Search algorithm searches across packet boundries for total
      coverage and forensic quality.
    * Can be used against a live network or a tcpdump formatted capture file.

TODO:
Doesn't work too well -- the extracted files have bogus
information inside. Mailed the author about it.

Status:

Vendor Tag:     THOMASKLAUSNER
Release Tags:   THOMASKLAUSNER_20060104
                
N wip/tcpxtract/DESCR
N wip/tcpxtract/TODO
N wip/tcpxtract/distinfo
N wip/tcpxtract/PLIST
N wip/tcpxtract/Makefile

No conflicts created by this import



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
pkgsrc-wip-cvs mailing list
pkgsrc-wip-cvs%lists.sourceforge.net@localhost
https://lists.sourceforge.net/lists/listinfo/pkgsrc-wip-cvs

Prev by Date: CVS commit: wip/mk
Next by Date: CVS commit: wip
Previous by Thread: CVS commit: [FLACK_BRANCH] wip/rosegarden-current
Next by Thread: CVS commit: wip/tcpxtract
Indexes:

Home | Main Index | Thread Index | Old Index