Ethereal: [Ethereal-users] Batch capabilities?

Ethereal-users: July 2002

Subject: [Ethereal-users] Batch capabilities?
From: "Kevin Cohen" <kcohen@xxxxxxxxxxxxxx>
Date: Mon, 8 Jul 2002 14:05:24 -0700

Hi all,

I'm a newbie with Ethereal, so I'm not sure what all of its capabilities
are.  I'm hoping someone can help me out with my problem.

I have about 40gigs of captured data in binary format.  I have the files
separated into about 100MB files, so they are not too large (a 2GIG file
takes forever to open in Ethereal).  I would like to write a batch script
that can go through the files and pull out source or destination addresses
and put them into one file.  I would also like to batch based on port and or
protocol.

Currently, I've been able to use Snort and manipulate packets based on IP's
if I convert the Binary to ASCII.  I then do not know how to convert the
ASCII back to
Binary, or if that is possible.

If anyone has any suggestions, I would very much appreciate it.

Kevin Cohen, CISSP
President
Data Triage Technologies Inc.
kcohen@xxxxxxxxxxxxxx
310.478.2113

Prev by Date: [Ethereal-users] vlan trailer IPv6
Next by Date: [Ethereal-users] Upgrading ethereal 0.8.17-1 problems
Previous by thread: [Ethereal-users] vlan trailer IPv6
Next by thread: RE: [Ethereal-users] Batch capabilities?
Index(es):
- Date
- Thread