Chaosreader

From ForensicsWiki
Revision as of 12:20, 14 August 2009 by Cw3sting (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Chaosreader
Maintainer: Brendan Gregg
OS: Linux,Windows,Solaris
Genre: Network forensics
License: GPL
Website: chaosreader.sourceforge.net

Overview

Chaosreader A freeware tool to trace TCP/UDP/... sessions and fetch application data from snoop or tcpdump logs. This is a type of "any-snarf" program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs. A html index file is created that links to all the session details, including realtime replay programs for telnet, rlogin, IRC, X11 and VNC sessions; and reports such as image reports and HTTP GET/POST content reports. Chaosreader can also run in standalone mode - where it invokes tcpdump or snoop (if they are available) to create the log files and then processes them.

External Links