Difference between pages "Xplico" and "File:Maxtor Technological Developments.pdf"

From ForensicsWiki
(Difference between pages)
 
(Whitepaper from Maxtor (freely downloadable from their site) about recent technological developments.)
 
Line 1: Line 1:
{{Infobox_Software |
+
Whitepaper from Maxtor (freely downloadable from their site) about recent technological developments.
  name = Xplico |
+
  maintainer = [[Gianluca Costa & Andrea de Franceschi]] |
+
  os = {{Linux}} |
+
  genre = {{Analysis}} |
+
  license = {{GPL}} |
+
  website = [http://www.xplico.org www.xplico.org] |
+
}}
+
 
+
The '''Xplico''' is a Network Forensic Analysis Tool (NFAT). The main scope of Xplico is extract from a network capture (pcap file or real-time acquisition) all application data content. For example, Xplico from a pcap file is able to extract all emails carried by the POP and SMTP protocols and all content carried by HTTP protocols.
+
<h2>Features</h2>
+
            <ul>
+
              <li>Protocols supported: [http://www.xplico.org/status.html HTTP, SIP, FTP, IMAP, POP, SMTP, TCP, UDP, IPv4, IPv6, ...];</li>
+
              <li>Port Independent Protocol Identification (PIPI) for each application protocol;</li>
+
              <li>Multithreading;</li>
+
              <li>Output data and information in SQLite database or Mysql database and/or files;</li>
+
              <li>At each data reassembled by Xplico is associated a XML file that uniquely identifies the flows and the pcap containing the data reassembled;</li>
+
              <li>Realtime elaboration (depends on the number of flows, the types of protocols and by the performance of computer ---RAM, CPU, HD access time, ...--- );</li>
+
              <li>TCP reassembly with ACK verification for any packet or soft ACK verification;</li>
+
              <li>Reverse DNS lookup from DNS packages contained in the inputs files (pcap), not from external DNS server;</li>
+
              <li>No size limit on data entry or the number of files entrance (the only limit is HD size);</li>
+
            </ul>
+
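Review bot: the maintainer field in the infobox wraps both names in a single link, [[Gianluca Costa & Andrea de Franceschi]], so it resolves to one page titled with both names rather than to either person; link each maintainer separately or leave the names as plain text. In the Features block, the raw <h2>, <ul> and <li> tags would be better written as wiki markup (== Features == and * items), which also removes the deep indentation. The two sides of this comparison are unrelated pages (a software article and a file description), so the one-line whitepaper description should not be read as a revision of the Xplico text.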

Latest revision as of 17:43, 25 October 2008

Whitepaper from Maxtor (freely downloadable from their site) about recent technological developments.