Re: [Openpacket-devel] OpenPacket ideas
Brought to you by:
crazy_j,
taosecurity
Menu
▾
▴
Re: [Openpacket-devel] OpenPacket ideas
|
From: Aaron T. <syn...@gm...> - 2007-03-12 21:33:08
|
On 3/12/07, Richard Bejtlich <tao...@gm...> wrote: > OpenPacket.org fans, > > I just had a conversation with a volunteer Web architect for > OpenPacket.org. She's BCC'd on this email because I'm not sure if she > wants any attention yet. I decided to send this message to the > openpacket-devel list so others could potentially reply to this post > with their thoughts. > > One of the problems we just discussed was pcap trace classification. > How do people do searches on traces in an efficient manner? One > option I considered would be to run a trace through Tshark to produce > statistics, then use the output to create tags. For example, the > Wireshark sample captures Wiki [snip] Do whatever is easiest and quickest. Right now OpenPacket doesn't exist except in our dreams. Just get *something* out there that is usable and worry about adding features later. Until you get enough momentum and pcap's where people have to search for them, this feature isn't critical. Once people start using the site, I'm sure you'll get all sorts of requests and suggestions which will help set priorities and requirements. -- Aaron Turner http://synfin.net/ http://tcpreplay.synfin.net/ - Pcap editing & replay tools for Unix |
