Gregarius » When {Puffy} Meets ^RedDevil^

Feeds

16248 items (10576 unread) in 27 feeds

• mypapit gnu/linux blog (296 unread)
• Catatan merepek ku... (25 unread)
• Affiliate Program Tip Blog (792 unread)
• GMS Blog
• Robert Love's Log (157 unread)

ComputerTechnology (5125 unread)

• Linux and Open Source Blog (473 unread)
• Ubuntu Blog (14 unread)
• linux kernel monkey log (70 unread)
• PHP Classes: Latest entries (2338 unread)
• PHP Freaks Tutorials (89 unread)
• Tien Soon's Tech Blog (33 unread)
• When {Puffy} Meets ^RedDevil^ (292 unread)
• anti-keseronokan (25 unread)
• TaoSecurity (850 unread)
• Ari Jaaksi's Blog (59 unread)
• Marc Abramowitz (110 unread)
• IconBuffet
• Your LiNa Job Matches (714 unread)
• Patpat's Scrap Notes (58 unread)

RantsandRamblings (4181 unread)

• #fakap community speaks (86 unread)
• 5xmom ~ Humour, Life, Lies, Sex (1702 unread)
• Infoplease - This Day in History (1478 unread)
• Dilbert (377 unread)
• Tip Satu Minit: Irfan Khairi.com (456 unread)
• Tips Temuduga (14 unread)
• Road 2 Millionaire (43 unread)
• Download Ebook PERCUMA (25 unread)

When {Puffy} Meets ^RedDevil^ (3 unread)

• 

  FreeBSD 9.0 Release is OUT!

  Posted: January 14th, 2012, 9:20am MYT by C.S.Lee

  If you haven't noticed yet, FreeBSD 9.0 Release is out, grab it while it is still hot. The announcement can be found at
  
  [www.freebsd.org]
  
  You can check out the release note at -
  
  [www.freebsd.org]
  
  I'm glad to see the driver improvement for network adapters especially intel based cards, and the netgraph ng_netflow supports NetFlow V9 export. Another interesting feature is usbdump which can be used to dump packets over usb controller. As always ipfw is improved in almost every FreeBSD release just like pf in OpenBSD. The FreeBSD team has also made a lot of improvement on file system wise. Finally we see new installer for FreeBSD ;)
  
  With FreeBSD 9.0 Release is officially out, time to work on HeX 3!
  
  Cheers ;]
  
  
  
• 

  Argus 3: Some hardly used scripts

  Posted: January 12th, 2012, 4:23am MYT by C.S.Lee

  There are couple of perl scripts come with argus 3 to process argus data, in case you haven't used them, do try them out, I will just show the result generated by those scripts -
  
  shell>perl ./raips -r ~/pcap-repo/anubis.arg3
  187.45.196.28
  187.45.241.156
  192.168.0.1
  192.168.0.2
  
  Raips will generate all unique IP addresses that are seen in the argus data.
  
  shell>perl ./rahosts -r ~/pcap-repo/anubis.arg3
  192.168.0.2: (3) 187.45.196.28, 187.45.241.156, 192.168.0.1
  
  Rahosts will generate host report, and telling you the hosts that initiate network connection(transmitter) and also destination hosts that are probed(receiver), you may get an array of IP addresses in the same network if it is network scanning or worm outbreak activity.
  
  shell>perl ./raports -r ~/pcap-repo/anubis.arg3
  187.45.241.156 tcp: (1) 80
  192.168.0.1 udp: (1) 53
  187.45.196.28 tcp: (1) 1433
  
  Raports will generate the port report, however only on server side, which means those ports that are probed by any host.
  
  If you are not satisfied with the result generated by those scripts, you are free to modify them to fit your needs, basically Carter is just demonstrating what you can do with argus data using some scripting capabilities.
  
  Cheers (;])
  
  
• 

  Large Scale Pcap Analysis

  Posted: January 11th, 2012, 9:43pm MYT by C.S.Lee

  It seems that the storage is not much an issue when comes to packet capture anymore, looking at terabytes become general everywhere, and many network analysis tools seem to gear toward large scale pcap data analysis, bro-ids has extended their functionality by using tons of community hardware and timemachine to capture and  analyze network data, and now I just come to read about people in RIPE NCC are doing this using apache hadoop -
  
  [https:]
  
  As we know as well, pcapr is also making use of cloud technology to share and analyze pcap data for internet community.
  
  Enjoy ;]