Difference between pages "Xplico" and "File:Maxtor Technological Developments.pdf"

From ForensicsWiki
 
(Whitepaper from Maxtor (freely downloadable from their site) about recent technological developments.)
 
Line 1: Line 1:
{{Infobox_Software |
+
Whitepaper from Maxtor (freely downloadable from their site) about recent technological developments.
  name = Xplico |
+
  maintainer = [[Gianluca Costa & Andrea de Franceschi]] |
+
  os = {{Linux}} |
+
  genre = {{Analysis}} |
+
  license = {{GPL}} |
+
  website = [http://www.xplico.org www.xplico.org] |
+
}}
+
 
+
The '''Xplico''' is a Network Forensic Analysis Tool (NFAT). The main scope of Xplico is to extract all application data content from a network capture (pcap file or real-time acquisition). For example, Xplico is able to extract all e-mails carried by the POP and SMTP protocols, and all content carried by HTTP protocol from a pcap file.
+
<h2>Features</h2>
+
            <ul>
+
              <li>Protocols supported: [http://www.xplico.org/status HTTP, SIP, FTP, IMAP, POP, SMTP, TCP, UDP, IPv4, IPv6, ...];</li>
+
              <li> VoIP audio codecs supported: G711ulaw, G711alaw, G722, G729, G723, G726 and MSRTA (x-msrta:Real Time Audio)
+
              <li>Port Independent Protocol Identification (PIPI) for each application protocol;</li>
+
              <li>Multithreading;</li>
+
              <li>Output data and information in SQLite database or MySQL database and/or files;</li>
+
              <li>At each data reassembled by Xplico is associated a [[XML]] file that uniquely identifies the flows and the pcap containing the data reassembled;</li>
+
              <li>Realtime elaboration (depends on the number of flows, the types of protocols and by the performance of computer ---RAM, CPU, HD access time, ...--- );</li>
+
              <li>TCP reassembly with ACK verification for any packet or soft ACK verification;</li>
+
              <li>Reverse DNS lookup from DNS packages contained in the inputs files (pcap), not from external DNS server;</li>
+
              <li>No size limit on data entry or the number of files entrance (the only limit is HD size).</li>
+
            </ul>
+
 
+
<h2>Demo and Cloud computing</h2>
+
<ul>
+
    <li>Demo with full features: [http://demo.xplico.org Demo]</li>
+
    <li>VoIP decoding, from pcap to wav file:  [http://pcap2wav.xplico.org pcap2wav]</li>
+
</ul>
+

Latest revision as of 16:43, 25 October 2008

Whitepaper from Maxtor (freely downloadable from their site) about recent technological developments.