Create a Custom Routine to Parse P2P traffic
#307
Create a Custom Routine to Parse P2P traffic 1 Year, 8 Months ago Karma: 0
I am a law enforcement officer in Florida, USA. I am attached to state and federal task forces.

I just found this software. I am looking for the ability to build / have built a plug-in to parse Gnutella-style peer-to-peer traffic (i.e. LimeWire and such).

It looks like this is a very good extensible platform for such work.

I would like to hear comments on the possibilities and feasibility.

Thanks!!

Chuck
#308
Re:Create a Custom Routine to Parse P2P traffic 1 Year, 8 Months ago Karma: 2
Hi Chuck,

Yes, you could build a plugin to parse the Gnutella protocol fairly easily with Unsniff. That part is straightforward.

I guess you would be interested in reconstructing actual files transferred over these networks. You could do that too with Unsniff, but it will require some coding. I can help with that part; we are lucky because most Gnutella traffic is unencrypted today.

Tools like Unsniff and Wireshark are great for pulling in traffic dumps (pcaps) of a finite size, hopefully pre-filtered.

I think you want to look at our new product called Trisul Network Metering and Forensics. www.unleashnetworks.com/products/trisul.html.

In a nutshell, Trisul listens to traffic and indexes raw content and flows with fine-grained traffic statistics. This enables you to retro-analyze incidents (back in time, as much as disk space allows).

Sorry for the long reply.

You can also email me at vivek [ at ] unleashnetworks if you want to discuss a bit more about this.

Thanks,

Vivek R
Unleash Networks
Vivek R
Unleash Networks
Support : www.unleashnetworks.com/forums
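Vivek says that parsing the Gnutella protocol is the straightforward part. As an added illustration of what that dissector logic looks like (this is example code written for this page, not code from the thread and not Unleash Networks' Unsniff plugin API), the block below walks a captured byte stream, splits it into Gnutella messages using the standard 23-byte header (16-byte GUID, payload descriptor, TTL, hops, little-endian payload length), decodes the Pong and Query payloads, and stops cleanly on a truncated tail. The sample bytes, the `build` helper and the `MAX_PAYLOAD` cap are constructed for this example; the cap is a defensive bound a real plugin would tune to its own needs.

```python
import struct
from dataclasses import dataclass, field
from typing import Dict, List

# Gnutella message header (all versions): 16-byte GUID, 1-byte payload
# descriptor, 1-byte TTL, 1-byte hops, 4-byte little-endian payload length.
HEADER_LEN = 23
DESCRIPTORS = {0x00: "PING", 0x01: "PONG", 0x02: "BYE", 0x40: "PUSH",
               0x80: "QUERY", 0x81: "QUERYHIT"}
# Assumed cap for this example: refuse absurd lengths instead of buffering them.
MAX_PAYLOAD = 64 * 1024


class ParseError(ValueError):
    """Raised when a message violates the header or payload layout."""


@dataclass
class GnutellaMessage:
    guid: bytes
    kind: str
    ttl: int
    hops: int
    payload: bytes
    details: Dict = field(default_factory=dict)


def parse_pong(payload: bytes) -> Dict:
    # Pong: port (LE16), IPv4 (4 bytes), files shared (LE32), KB shared (LE32).
    if len(payload) < 14:
        raise ParseError("pong payload too short")
    port, a, b, c, d, files, kbytes = struct.unpack("<H4BII", payload[:14])
    return {"port": port, "ip": f"{a}.{b}.{c}.{d}", "files": files, "kbytes": kbytes}


def parse_query(payload: bytes) -> Dict:
    # Query: minimum speed (LE16) followed by a NUL-terminated search string.
    if len(payload) < 3:
        raise ParseError("query payload too short")
    min_speed = struct.unpack("<H", payload[:2])[0]
    terms, _, _extensions = payload[2:].partition(b"\x00")
    return {"min_speed": min_speed, "search": terms.decode("utf-8", "replace")}


def parse_stream(data: bytes) -> List[GnutellaMessage]:
    """Split a reassembled Gnutella byte stream into messages.

    Returns the complete messages found; a trailing partial message is left
    for the caller to retry once more bytes arrive.
    """
    msgs: List[GnutellaMessage] = []
    off = 0
    while off + HEADER_LEN <= len(data):
        hdr = data[off:off + HEADER_LEN]
        guid = hdr[:16]
        desc, ttl, hops = hdr[16], hdr[17], hdr[18]
        plen = struct.unpack("<I", hdr[19:23])[0]
        if plen > MAX_PAYLOAD:
            raise ParseError(f"payload length {plen} exceeds cap at offset {off}")
        if off + HEADER_LEN + plen > len(data):
            break  # truncated message: wait for the rest of the stream
        payload = data[off + HEADER_LEN:off + HEADER_LEN + plen]
        kind = DESCRIPTORS.get(desc, f"UNKNOWN(0x{desc:02x})")
        details: Dict = {}
        if kind == "PONG":
            details = parse_pong(payload)
        elif kind == "QUERY":
            details = parse_query(payload)
        msgs.append(GnutellaMessage(guid, kind, ttl, hops, payload, details))
        off += HEADER_LEN + plen
    return msgs


def build(guid: bytes, desc: int, ttl: int, hops: int, payload: bytes) -> bytes:
    """Constructed helper: encode one message so the example has input to parse."""
    return guid + bytes([desc, ttl, hops]) + struct.pack("<I", len(payload)) + payload


# Constructed sample stream: a Ping, a Pong from 192.0.2.10:6346, and a Query.
SAMPLE = (
    build(b"\x01" * 16, 0x00, 7, 0, b"")
    + build(b"\x02" * 16, 0x01, 7, 1, struct.pack("<H4BII", 6346, 192, 0, 2, 10, 120, 4096))
    + build(b"\x03" * 16, 0x80, 4, 2, struct.pack("<H", 0) + b"example document\x00")
)

if __name__ == "__main__":
    for m in parse_stream(SAMPLE):
        print(m.kind, m.guid.hex()[:8], "ttl=%d hops=%d" % (m.ttl, m.hops), m.details)
```

The parser only returns whole messages, so a plugin fed reassembled TCP data in chunks can call `parse_stream` on its buffer, consume the bytes of the messages it got back, and keep the remainder; the length cap turns a corrupt or hostile length field into an explicit `ParseError` rather than an attempt to buffer gigabytes.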