Information Security

xplico – Backtrack 5 – Information Gathering – Network Analysis – Network Traffic Analysis – xplico

Xplico is an NFAT, or Network Forensics Analysis Tool, designed either to capture traffic in real-time sessions or to provide an interface for uploading PCAP (Packet Capture Data) files for analysis. The current version in Backtrack Linux 5 release 3 is 0.7; however, the latest Xplico version is Xplico 1.0.1. I believe there are some dependencies required in the later versions of Xplico, so I will write an updated article once Backtrack 6 comes out and the latest version of Xplico can easily be installed.

Technology Insights

View Historical Bandwidth Usage On FortiGate 200A Including Amount Of Bandwidth Per Protocol

A company asked me to analyze some of their network traffic to verify that some of the projects they are working on to cut costs won’t impact their business. One of the projects includes removing a 100 Mbps fiber connection to their colocation and replacing it with a cable modem that is asynchronous with 50 Mbps download and 5 Mbps upload. Unfortunately, they do not have any solid historical network data capture software such as Cacti, so before setting up such a service I had to provide initial data via what was available. One of the tools I was able to use was the dashboard data that lives in memory on their FortiGate 200A. Below is information on where to find this information in the FortiGate 200A dashboard.

Technology Errors

dumpcap: That string isn’t a valid capture filter (syntax error), dumpcap filter syntax

I needed to capture some packets on a server to import into Wireshark on a Windows XP computer, but I hadn’t done this in a while, so I needed to refresh on how to do this. I ended up using dumpcap to capture the data, then obtained the dump file on the Windows computer, and then imported it into Wireshark. One thing I had a moment of trouble with was the dumpcap filter syntax. Below are some examples of how to use the filter that the dumpcap -f switch uses.

Basic dumpcap Capture [All Data]:

  dumpcap -w /path/to/file

Technology Insights

How to Install nmap Security Scanner on Windows XP

Installing nmap security scanner on Windows XP is fairly easy. The easiest way is to download and run the nmap stable release executable file currently located here. You can verify the latest release by visiting nmap’s download page here.

Once the nmap.exe file is downloaded, just double-click it and choose a location to unpack the files. The easiest place would be something like c:\nmap or, if you have Cygwin installed, you might want to use c:\cygwin\nmap. Make sure to note the location, as you will need to add it to your path so you can execute nmap without having to be in the nmap directory.

Technology Insights

Firewall Settings for Playstation 3, PS3 Firewall Ports

If your PlayStation 3 is operating slowly, losing its connection, or just not working right most of the time, chances are that you need to change some settings on your Internet router or firewall. Routers use NAT (Network Address Translation) to allow multiple devices to function behind the router as if they all have the public address that your ISP (Internet Service Provider) has provided to you. The PS3 requires various ports to be open to communicate with other users online, as well as other ports to be opened to the PlayStation 3 for other games to function properly. Below I list the ports required for the PS3 to operate and the ports required for certain games to operate, followed by a brief explanation of what you need to look for when configuring your router or firewall.