Difference between revisions of "Chaosreader"

From ForensicsWiki
(Created page with '{{Infobox_Software | name = Chaosreader | maintainer = Brendan Gregg | os = {{Linux}}, {{Windows}}, {{Solaris}} | genre = Network forensics | license = {{GPL}} | webs…')
 
(External Links: Link to enhanced version)
Line 15: Line 15:
  
 
* [http://www.brendangregg.com/chaosreader.html Chaosreader author's website]
 
* [http://www.brendangregg.com/chaosreader.html Chaosreader author's website]
 +
* [http://www.informationelle-selbstbestimmung-im-internet.de/chaosreader.html Enhanced, non-official version of Chaosreader (with diffs)]
  
 
[[Category:Network Forensics]]
 
[[Category:Network Forensics]]
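Review bot: the link added on the `+` line labels the target only as an "Enhanced, non-official version" and is hosted on a different domain from the author's website listed just above it. The entry should name who maintains that version and say what the enhancements are. Readers choosing a tool for forensic work can then tell that it is a modified third-party copy rather than Brendan Gregg's release, and can review the published diffs before relying on it.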

Revision as of 10:26, 24 May 2013

Chaosreader
Maintainer: Brendan Gregg
OS: Linux, Windows, Solaris
Genre: Network forensics
License: GPL
Website: chaosreader.sourceforge.net

Overview

Chaosreader is a freeware tool to trace TCP/UDP/... sessions and fetch application data from snoop or tcpdump logs. It is a type of "any-snarf" program: it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs. It creates an HTML index file that links to all the session details, including realtime replay programs for telnet, rlogin, IRC, X11 and VNC sessions, and to reports such as image reports and HTTP GET/POST content reports. Chaosreader can also run in standalone mode, where it invokes tcpdump or snoop (if they are available) to create the log files and then processes them.

External Links