Xplico is an NFAT (Network Forensics Analysis Tool) designed either to capture traffic in real-time sessions or to provide an interface for uploading PCAP (Packet Capture Data) files for analysis. The current version in Backtrack Linux 5 release 3 is 0.7; however, the latest Xplico version is 1.0.1. I believe there are some dependencies required in the later versions of Xplico, so I will write an updated article once Backtrack 6 comes out and the latest version of Xplico can easily be installed.
I have been playing around with Xplico, which is an NFAT (Network Forensics Analysis Tool) included in Backtrack Linux. It is a pretty cool application, though there are some things I am still figuring out, or that may be caused by the version being older in Backtrack. One of the main issues I could see new users of Xplico running into is actually noted numerous times on Xplico’s website, so I simply wanted to expand on what has already been noted there. If you are having issues uploading pcap files via the Xplico web interface, then it is likely related to the size of the pcap file and the size that the Apache web server will accept. Use the information below to modify the web server configuration to allow larger files to be uploaded.