Difference between revisions of "Chaosreader"

From ForensicsWiki
(Created page with '{{Infobox_Software | name = Chaosreader | maintainer = Brendan Gregg | os = {{Linux}}, {{Windows}}, {{Solaris}} | genre = Network forensics | license = {{GPL}} | webs…')
 
(Replaced link to patches with Git repository)
 
(One intermediate revision by the same user not shown)
Line 15: Line 15:
  
 
* [http://www.brendangregg.com/chaosreader.html Chaosreader author's website]
 
* [http://www.brendangregg.com/chaosreader.html Chaosreader author's website]
 +
* [https://github.com/brendangregg/Chaosreader Git repository]
  
 
[[Category:Network Forensics]]
 
[[Category:Network Forensics]]
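
Review bot: the edit summary says "Replaced link to patches with Git repository", but the only change visible in this hunk is the added `* [https://github.com/brendangregg/Chaosreader Git repository]` line; no patches link is shown as removed. Since one intermediate revision is not shown, confirm the old link was actually dropped there. The infobox Website field also still reads chaosreader.sourceforge.net while both external links point elsewhere, so it may be worth checking that field in the same edit.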

Latest revision as of 09:19, 17 June 2014

Chaosreader
Maintainer: Brendan Gregg
OS: Linux, Windows, Solaris
Genre: Network forensics
License: GPL
Website: chaosreader.sourceforge.net

Overview

Chaosreader is a freeware tool that traces TCP/UDP/... sessions and fetches application data from snoop or tcpdump logs. It is a type of "any-snarf" program: it fetches telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs. It creates an HTML index file that links to all the session details, including realtime replay programs for telnet, rlogin, IRC, X11 and VNC sessions, and reports such as image reports and HTTP GET/POST content reports. Chaosreader can also run in standalone mode, where it invokes tcpdump or snoop (if they are available) to create the log files and then processes them.

External Links