One Article Review
| Source |  SANS Institute |
|---|---|
| Identifiant | 2310 |
| Date de publication | 2016-06-01 21:40:24 (vue: 2016-06-01 21:40:24) |
| Titre | Performing network forensics with Dshell. Part 2: Decoder development process, (Wed, Jun 1st) |
| Texte | We saw in part 1 how useful dshell can be. Let">PacketDecoder: This type of decoder is able to look for specific packet information in a live capture or PCAPfile and then show it to the user in a customized way.">Blob.">httpdecoder:Dshell">printableText">printableUnicode">URLDataToParameterDict">xorStringDecode">Lets see an example of a simple decoder, which uses dpkt">This looks like a packet decoder, using the base definition of IPDecoder contained in the Dshell class.">If not, ifRST/ACK flags are set,">Pel">">msantand at isc dot sans dot org (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. |
| Envoyé | Oui |
| Condensat | 1st >blob >httpdecoder:dshell >if >lets >msantand >packetdecoder: >pel >printabletext >printableunicode >this >urldatatoparameterdict >xorstringdecode able are attribution base can capture center class commons contained creative customized decoder definition development dot dpkt dshell edu example flags forensics how https://isc ifrst/ack information internet ipdecoder isc jun let license like live look looks network noncommercial not org packet part pcapfile performing process sans saw see set show simple specific states storm then type united useful user uses using way wed which |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.