I published the following diary on isc.sans.org: “Truncating Payloads and Anonymizing PCAP files”: Sometimes, you may need to provide PCAP files to third-party organizations like a vendor support team to investigate a problem with your network. I was looking for a small tool to anonymize network traffic but also to
I published the following diary on isc.sans.org: “Comment your Packet Captures!”: When you are investigating a security incident, a key element is to take notes and to document as much as possible. There is no “best” way to take notes; some people use electronic solutions while others are using good
I published the following diary on isc.sans.org: “The easy way to analyze huge amounts of PCAP data”. When you are investigating a security incident, chances are that, at a certain point, you will have to dive into network traffic analysis. If you’re lucky, you’ll have access to a network capture.
During the last BruCON edition, I grabbed some statistics about the network usage of our visitors. Every year, I generate stats like the operating system types, the top-used protocols, the number of unique MAC addresses, etc. But this year, we also collected all traffic from the public network. By “public”,