I don't see any code posted for these two tools, but you may want to
contact the people involved:
http://www-nrg.ee.lbl.gov/LBNL-FTP-ANON.html
http://www.ece.gatech.edu/research/labs/nsa/honeynet/tools/pcap-anon.shtml
Obviously any tool has its limits and what is considered public
information to one person is confidential to another.
--
Aaron Turner
http://synfin.net/
http://tcpreplay.synfin.net/ - Pcap editing & replay tools for Unix
On 2/11/07, [Chris] NULL <chrismc912@xxxxxxxxxxx> wrote:
Thanks a lot for your answer. Packet trace anonymization was exactly the point
I am interested in :)
Regards,
Chris
> > My question is, is it possible to use the Wireshark dissectors to "build" a
> > trace. What I mean with this is, is it e.g. possible to change values in the
> > Wireshark GUI and then have Wireshark build the binary trace together? I
> > know that in the current version this is not possible, but my question is in
> > general. Is it possible to extend the Wireshark dissectors to be able to
> > "build" a trace?
>
>No; that feature's missing from the current version because the
>infrastructure for it isn't available, not because Wireshark chooses not
>to implement it.
>
>This is probably significantly more complicated than one might think,
>especially given packet reassembly. A mechanism to do that would be
>useful for manually editing packets (e.g., to construct a sequence of
>packets to replay), as well as for the anonymization feature another
>person would like to implement - but it'd require architectural work.