PacketDB

PacketDB project's goal is to create a set of workflows that treat tcpdumps/packet captures.

PacketDB Ranking & Summary


  • License: GPL
  • Price: FREE
  • Publisher Name: James F.



PacketDB Description

PacketDB project's goal is to create a set of workflows that treat tcpdumps/packet captures as just another sort of data to be loaded into relational structures and manipulated using the well-established methods of relational databases.

The real fun begins after the scripts run and you get to play with that delicious data!

After that ETL phase stabilizes (hopefully), the project would ideally expand into providing tools for discovery and reporting on that data (i.e. data mining and data warehousing). The tables existing for this first phase of the project might be thought of as staging tables for a load up to a datamart or data warehouse.

Requirements:

  • mysql 5.0 (developed with 5.0.22)
  • python (tested with 2.3.5 and 2.5)
  • MySQL-python (developed with 1.2.1.p2)
  • Impacket from Core Security Technologies (developed with 0.9.6.0)
  • pcapy from Core Security Technologies (developed with 0.10.4)

A note on the required software: this is the language and database that was most convenient for this at the time. The project itself is generic enough to have versions in a variety of languages against any relational database.

Getting Started

mysql > 5.0 is required. You need a user that can create databases and create the schema (CREATE/DROP/INDEX).

1) Create the database in mysql:

    mysql> create database mycaptures1213;

2) Either create a new user:

    GRANT SELECT, INSERT, UPDATE, DELETE ON mycaptures1213.* TO 'pcapper'@'localhost' IDENTIFIED BY 'pcapass';
    GRANT FILE ON *.* TO 'pcapper'@'localhost';
    commit;

   or grant the appropriate perms to a pre-existing user:

    GRANT SELECT, INSERT, UPDATE, DELETE ON mycaptures1213.* TO 'pcapper'@'localhost';

   Note that FILE is a global MySQL privilege (it cannot be limited to one database) and lets the account read and write files on the database server host, so keep this account restricted to 'localhost' as shown.

3) Update conf/properties.cfg with the new user information and new database.

4) Create the database tables by cd'ing into the sql subdir of the project:

    bash$ mysql -usuperuser mycaptures1213 -p < schema.sql
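The idea described above, loading a capture into a relational table and then querying it, shown as an added example that is not PacketDB's own code. It assumes Python 3 with the standard-library sqlite3 in place of MySQL; the `packets` table, the function names and the sample capture are constructed for illustration and do not reflect the project's schema.sql.

```python
import socket, sqlite3, struct

def build_pcap(packets):
    """Constructed sample input: a little-endian classic pcap with Ethernet/IPv4/TCP frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, src, dst, sport, dport, payload in packets:
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

def parse_pcap(data):
    """Yield (ts, src, dst, proto, sport, dport, wire_len) for IPv4 TCP/UDP frames."""
    magic = struct.unpack_from("<I", data, 0)[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic pcap file")
    endian = "<" if magic == 0xA1B2C3D4 else ">"
    offset = 24  # skip the global header
    while offset + 16 <= len(data):
        ts, _, caplen, origlen = struct.unpack_from(endian + "IIII", data, offset)
        frame = data[offset + 16: offset + 16 + caplen]
        offset += 16 + caplen
        # Captures are untrusted input: skip truncated records and non-IPv4 frames.
        if len(frame) < max(caplen, 34) or frame[12:14] != b"\x08\x00":
            continue
        ihl = (frame[14] & 0x0F) * 4
        l4 = 14 + ihl  # start of the TCP/UDP header
        if ihl < 20 or frame[23] not in (6, 17) or len(frame) < l4 + 4:
            continue
        sport, dport = struct.unpack_from("!HH", frame, l4)
        yield (ts, socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
               frame[23], sport, dport, origlen)

def load(conn, data):
    """Staging load: one row per packet, inserted with bound parameters only."""
    conn.execute("CREATE TABLE packets (ts INTEGER, src TEXT, dst TEXT, proto INTEGER,"
                 " sport INTEGER, dport INTEGER, wire_len INTEGER)")
    conn.executemany("INSERT INTO packets VALUES (?,?,?,?,?,?,?)", parse_pcap(data))

def top_talkers(conn):
    """Per-source packet and byte totals, largest sender first."""
    return conn.execute("SELECT src, COUNT(*), SUM(wire_len) AS total FROM packets"
                        " GROUP BY src ORDER BY total DESC").fetchall()

SAMPLE = build_pcap([(1, "10.0.0.5", "192.0.2.10", 40000, 443, b"a" * 100),
                     (2, "10.0.0.5", "192.0.2.10", 40000, 443, b"b" * 50),
                     (3, "10.0.0.9", "192.0.2.53", 40001, 22, b"c" * 10)])

if __name__ == "__main__":
    conn = sqlite3.connect(":memory:")
    load(conn, SAMPLE)
    print(top_talkers(conn))
```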

