Xplico is an NFAT, or Network Forensics Analysis Tool, designed either to capture traffic in real-time sessions or to provide an interface for uploading PCAP (Packet Capture Data) files for analysis. The current version in Backtrack Linux 5 release 3 is 0.7; however, the latest Xplico version is Xplico 1.0.1. I believe there are some dependencies required in the later versions of Xplico, so I will write an updated article once Backtrack 6 comes up and the latest version of Xplico can easily be installed.
Posts Tagged “UDP”
Dec 01 2012
Apr 08 2011
A company asked me to analyze some of their network traffic to verify that some of the projects they are working on to cut costs won’t impact their business. One of the projects includes removing a 100 Mbps fiber connection to their colocation and replacing it with a cable modem that is asynchronous with 50 Mbps download and 5 Mbps upload. Unfortunately, they do not have any solid historical network data capture software such as Cacti, so before setting up such a service I had to provide initial data via what was available. One of the tools I was able to use was the dashboard data that lives in memory on their FortiGate 200A. Below is information on where to find this information in the FortiGate 200A dashboard.
Jul 21 2009
I needed to capture some packets on a server to import into Wireshark on a Windows XP computer but hadn’t done this in a while, so I needed to refresh on how to do this. I ended up using dumpcap to capture the data, then obtained the dump file on the Windows computer, and then imported it into Wireshark. One thing I had a moment of trouble with was the dumpcap filter syntax. Below are some examples of how to use the filter that the dumpcap -f switch uses.
Basic dumpcap Capture [All Data]:
dumpcap -w /path/to/file
Jan 02 2009
Installing the nmap security scanner on Windows XP is fairly easy. The easiest way is to download and run the nmap stable release executable file currently located here. You can verify the latest release by visiting nmap’s download page here.
Once the nmap.exe file is downloaded, just double-click it and choose a location to unpack the files. The easiest place would be something like c:\nmap, or if you have cygwin installed you might want to use c:\cygwin\nmap. Make sure to note the location, as you will need to add it to your path so you can execute nmap without having to be in the nmap directory.
Nov 14 2008
If your PlayStation 3 is operating slowly, losing connection, or just not working right most of the time, the chances are that you need to change some settings on your Internet router or firewall. Routers use NAT (Network Address Translation) to allow multiple devices to function behind the router as if they all have the public address that your ISP (Internet Service Provider) has provided to you. The PS3 requires various ports to be open to communicate with other users online, as well as other ports to be opened to the PlayStation 3 for other games to function properly. Below I list the ports required for the PS3 to operate and the ports required for certain games to operate, followed by a brief explanation of what you need to look for in terms of configuring your router or firewall.