ARTICLE Xplico v0.5.3 released
Wednesday 18 November 2009 (Keywords: Forensics, Network Monitoring, Xplico)
The goal of Xplico is to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT). Xplico is released under the GNU General Public License.
Version 0.5.3
- snoop Packet Capture File Format as input file
- DNS dissector with graphical representation in Xplico Interface (XI)
- NNTP dissector
- PPPOE dissector
- direct live acquisition from XI
- new dispatcher named CLI: this dispatcher organizes the extracted data in a tree like this:
xdecode/<ip_src_1>/http
xdecode/<ip_src_1>/mail/
xdecode/<ip_src_1>/nntp
xdecode/<ip_src_1>/ftp
xdecode/<ip_src_1>/...
xdecode/<ip_src_2>/http
xdecode/<ip_src_2>/mail/
xdecode/<ip_src_2>/nntp
xdecode/<ip_src_2>/ftp
xdecode/<ip_src_2>/...
- default CLI dispatcher in command line execution
- file extension for the HTTP contents
POSTSCRIPTUM

MD5: 7b01855e4c923a287316da8c4d66e130
COMPLIANCE MANDATES
Forensics : PCI DSS 10.2, 12.9, A.1.4*, SOX DS7, HIPAA 164.308(a)(1) and (a)(6), FISMA IR-7, ISO 27001/27002 13.2.1, 13.2.3
*Shared Hosting Providers Only
Network Monitoring : PCI DSS Requirements 3, 4, SOX DS13.4, HIPAA 164.310(d)(1), 164.312(a)(2)(iv), FISMA SI-4, AU-2, ISO 27001/27002 12.5.4, 15.1.5