From ForensicsWiki
Revision as of 17:20, 14 August 2009 by Cw3sting

Maintainer: Brendan Gregg
OS: Linux, Windows, Solaris
Genre: Network forensics
License: GPL


Chaosreader is a freeware tool that traces TCP/UDP/... sessions and fetches application data from snoop or tcpdump logs. It is a type of "any-snarf" program: it fetches telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs. It creates an HTML index file that links to all the session details, including realtime replay programs for telnet, rlogin, IRC, X11 and VNC sessions, and reports such as image reports and HTTP GET/POST content reports. Chaosreader can also run in standalone mode, where it invokes tcpdump or snoop (if they are available) to create the log files and then processes them.

External Links