Hi all,
I'm a newbie with Ethereal, so I'm not sure what all of its capabilities
are. I'm hoping someone can help me out with my problem.
I have about 40 gigs of captured data in binary format. I have the files
separated into about 100MB files, so they are not too large (a 2 gig file
takes forever to open in Ethereal). I would like to write a batch script
that can go through the files and pull out source or destination addresses
and put them into one file. I would also like to batch based on port and/or
protocol.
Currently, I've been able to use Snort and manipulate packets based on IPs
if I convert the binary to ASCII. I then do not know how to convert the
ASCII back to binary, or if that is possible.
If anyone has any suggestions, I would very much appreciate it.
Kevin Cohen, CISSP
President
Data Triage Technologies Inc.
kcohen@xxxxxxxxxxxxxx
310.478.2113