Wireshark-users: Re: [Wireshark-users] [Off-topic] OpenPacket.org 1.0

From: Ulf Lamping <ulf.lamping@xxxxxx>
Date: Tue, 08 Apr 2008 05:02:55 +0200
Hansang Bae schrieb:
Soh Kam Yung wrote:
[snip]
    "The mission of OpenPacket.org is to provide quality network
traffic traces to researchers, analysts, and other members of the
digital security community. One of the most difficult problems facing
researchers, analysts, and others is understanding traffic carried by
networks. At present there is no central repository of traces from
which a student of network traffic could draw samples. OpenPacket.org
will provide one possible solution to this problem.

This is a great idea. My recommendation to people is just to capture things to see what a baseline looks like. If you capture a problem, and that's the VERY FIRST time you are capturing, how do you know what's normal and not normal?

I mean for some sites, 0.5% packet loss could be the norm and you would end up troubleshooting the "wrong" problem.

I wonder if the site will snaplength everything to the relative headers. That could be a problem.
Why not use http://wiki.wireshark.org/SampleCaptures ? :-)

Regards, ULFL