Chaosreader
From Forensics Wiki
| Chaosreader | |
|---|---|
| Maintainer: | Brendan Gregg |
| OS: | Linux, Windows, Solaris |
| Genre: | Network forensics |
| License: | GPL |
| Website: | chaosreader.sourceforge.net |
Overview
Chaosreader is a freeware tool that traces TCP/UDP/... sessions and fetches application data from snoop or tcpdump logs. It is a type of "any-snarf" program: it fetches telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs. It creates an HTML index file that links to all the session details, including realtime replay programs for telnet, rlogin, IRC, X11 and VNC sessions, and reports such as image reports and HTTP GET/POST content reports. Chaosreader can also run in standalone mode, where it invokes tcpdump or snoop (if they are available) to create the log files and then processes them.
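The core step described above, grouping captured packets into sessions and recovering the application bytes, is shown below as an added example. It is not Chaosreader's own code. It assumes a classic pcap file with Ethernet/IPv4 framing (not snoop format), and the function names and sample capture are constructed for illustration.

```python
import struct
from collections import defaultdict

def tcp_streams(pcap: bytes) -> dict:
    """Return {(src, sport, dst, dport): payload bytes} for each one-way TCP flow."""
    magic = pcap[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        end = "<"            # little-endian classic pcap
    elif magic == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("not a classic pcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    flows, off = defaultdict(dict), 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                      # not IPv4 carrying TCP
        ihl = (frame[14] & 0x0F) * 4
        ip = frame[14:14 + struct.unpack("!H", frame[16:18])[0]]  # drop Ethernet padding
        if len(ip) < ihl + 20:
            continue                      # truncated capture
        sport, dport, seq = struct.unpack("!HHI", ip[ihl:ihl + 8])
        data = ip[ihl + (ip[ihl + 12] >> 4) * 4:]
        if data:
            key = (".".join(map(str, ip[12:16])), sport, ".".join(map(str, ip[16:20])), dport)
            flows[key].setdefault(seq, data)  # first copy wins on retransmission
    # Order by sequence number (wraparound and overlapping segments not handled).
    return {k: b"".join(seg[s] for s in sorted(seg)) for k, seg in flows.items()}

def _frame(seq: int, payload: bytes) -> bytes:
    """Constructed Ethernet/IPv4/TCP frame; checksums are left as zero."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, seq, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 80]))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp

def sample_pcap() -> bytes:
    """Constructed capture: one HTTP request, segments out of order plus a retransmit."""
    first, second = b"GET /logo.gif HTTP/1.1\r\n", b"Host: example.test\r\n\r\n"
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for seq, data in [(1024, second), (1000, first), (1000, first)]:
        f = _frame(seq, data)
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for flow, stream in tcp_streams(sample_pcap()).items():
        print(flow, stream)
```

Each direction of a connection appears as its own flow key, so pairing the two halves of a session means matching a key with its reversed address and port tuple.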