ARTICLE Xplico v0.5.6: VoIP (SIP & RTP) released

Thursday 22 April 2010 - 1112 read - ( Keywords : Forensics , Network Monitoring , Xplico )

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).

Xplico is released under the GNU General Public License.

PNG - 28.4 kb

Version 0.5.6

In this version there are new and important features:

- HTTP reconstruction file. ie: files downloaded with tools like DownThemAll
- undecodec UDP and TCP “stream” with textual content
- RTP dissector
- SIP dissector
- SDP dissector
- Improved XI
- many bugfix

This version of the SIP and RTP dissectors is not optimal. The (media) contents currently decoded have the following characteristics (limitations) :

- only audio
- audio codec: G711ulaw, G711alaw, G722, G729, G723 and G726
- only static RTP payload type

More information: here

Thanks to our friend, Gianluca, from Xplico.


POSTSCRIPTUM

Download Xplico v0.5.6


COMPLIANCE MANDATES

Forensics : PCI DSS 10.2, 12.9, A.1.4*, SOX DS7, HIPAA 164.308(a)(1) and (a)(6), FISMA IR-7, ISO 27001/27002 13.2.1, 13.2.3 *Shared Hosting Providers Only
Network Monitoring : PCI DSS Requirements 3, 4, SOX DS13.4, HIPAA 164.310(d)(1), 164.312(a)(2)(iv), FISMA SI-4, AU-2, ISO 27001/27002 12.5.4, 15.1.5


RELATED ARTICLES

Forensics, Network Monitoring, Xplico,

12 May 2010 : Xplico v0.5.7 released
22 April 2010 : Xplico v0.5.6: VoIP (SIP & RTP) released
24 February 2010 : Xplico v0.5.5 released
7 January 2010 : Xplico v0.5.4 released
18 November 2009 : Xplico v0.5.3 released