I work for the Navy and because some of our lab captures are done in a
secret/classified environment, in order to remove the traces from the lab,
we need to make them human readable to assure security officials that
there isn't secret data hidden in the traces. Although we could provide
"tcpdump -w" output, the problem we have is that we'd still like to be able
to use analyzer tools that require libpcap format data after the data leaves
the secret/classified lab. So we are looking into ways to translate libpcap
binary outputs to readable text then back to libpcap binary format.
We were hoping someone has already written a utility that would translate
libpcap output into something human readable, such as XML, and perhaps there
would then be a capability to translate it back to libpcap format too. If
anyone has heard about something out there that does this, please let us
know.
Any feedback on other ideas to make this work would be appreciated.
Thanks for your help.
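The round trip the post asks about, as an added example (not part of the original message and not an existing utility): a minimal converter for the classic microsecond-resolution libpcap file format that renders every header field and packet byte as printable text and rebuilds the identical binary. The function names, the text layout and the sample capture are assumptions constructed for illustration.

```python
import struct

# Classic pcap magic as it appears on disk -> (struct prefix, label used in the text form)
MAGICS = {b"\xd4\xc3\xb2\xa1": ("<", "little"), b"\xa1\xb2\xc3\xd4": (">", "big")}

def pcap_to_text(data: bytes) -> str:
    """Render a classic libpcap file as printable ASCII; every input byte is accounted for."""
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a classic microsecond-resolution pcap file")
    endian, label = MAGICS[data[:4]]
    major, minor, zone, sigfigs, snaplen, link = struct.unpack(endian + "HHiIII", data[4:24])
    lines = [f"pcap endian={label} version={major}.{minor} thiszone={zone} "
             f"sigfigs={sigfigs} snaplen={snaplen} linktype={link}"]
    pos = 24
    while pos < len(data):
        if pos + 16 > len(data):
            raise ValueError(f"truncated record header at offset {pos}")
        sec, usec, caplen, origlen = struct.unpack(endian + "IIII", data[pos:pos + 16])
        payload = data[pos + 16:pos + 16 + caplen]
        if len(payload) != caplen:
            raise ValueError(f"truncated packet at offset {pos}")
        lines += [f"packet sec={sec} usec={usec} caplen={caplen} origlen={origlen}", payload.hex()]
        pos += 16 + caplen
    return "\n".join(lines) + "\n"

def _fields(line: str) -> dict:
    """Parse 'keyword k=v k=v ...' into a dict of strings."""
    return dict(tok.split("=", 1) for tok in line.split()[1:])

def text_to_pcap(text: str) -> bytes:
    """Rebuild the binary capture from the text form produced by pcap_to_text."""
    lines = text.split("\n")
    head = _fields(lines[0])
    endian = "<" if head["endian"] == "little" else ">"
    major, minor = (int(v) for v in head["version"].split("."))
    out = bytearray(struct.pack(endian + "IHHiIII", 0xA1B2C3D4, major, minor,
                                *(int(head[k]) for k in ("thiszone", "sigfigs", "snaplen", "linktype"))))
    for i in range(1, len(lines) - 1, 2):  # pairs: "packet ..." line, then hex payload line
        rec, payload = _fields(lines[i]), bytes.fromhex(lines[i + 1])
        if len(payload) != int(rec["caplen"]):
            raise ValueError(f"payload length mismatch on text line {i + 2}")
        out += struct.pack(endian + "IIII", int(rec["sec"]), int(rec["usec"]), len(payload), int(rec["origlen"]))
        out += payload
    return bytes(out)

def sample_capture() -> bytes:
    """Constructed two-packet capture (made-up payload bytes, linktype 1 = Ethernet)."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    pkts = [(1, 500, b"\x00\x01\x02\x03"), (2, 0, b"")]
    return hdr + b"".join(struct.pack("<IIII", s, u, len(p), len(p)) + p for s, u, p in pkts)
```

Because the converter rejects truncated or trailing bytes, a byte-identical rebuild confirms that nothing in the capture file exists outside what the text form shows to the reviewer.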