ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between revisions of "Chaosreader"

From ForensicsWiki
Jump to: navigation, search
(Created page with '{{Infobox_Software | name = Chaosreader | maintainer = Brendan Gregg | os = {{Linux}}, {{Windows}}, {{Solaris}} | genre = Network forensics | license = {{GPL}} | webs…')
 
(External Links: Link to enhanced version)
Line 15: Line 15:
  
 
* [http://www.brendangregg.com/chaosreader.html Chaosreader author's website]
 
* [http://www.brendangregg.com/chaosreader.html Chaosreader author's website]
 +
* [http://www.informationelle-selbstbestimmung-im-internet.de/chaosreader.html Enhanced, non-official version of Chaosreader (with diffs)]
  
 
[[Category:Network Forensics]]
 
[[Category:Network Forensics]]

Revision as of 15:26, 24 May 2013

Chaosreader
Maintainer: Brendan Gregg
OS: Linux,Windows,Solaris
Genre: Network forensics
License: GPL
Website: chaosreader.sourceforge.net

Overview

Chaosreader A freeware tool to trace TCP/UDP/... sessions and fetch application data from snoop or tcpdump logs. This is a type of "any-snarf" program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs. A html index file is created that links to all the session details, including realtime replay programs for telnet, rlogin, IRC, X11 and VNC sessions; and reports such as image reports and HTTP GET/POST content reports. Chaosreader can also run in standalone mode - where it invokes tcpdump or snoop (if they are available) to create the log files and then processes them.

External Links