This program was NOT WRITTEN BY ME. Just so we're all clear on that.
Brian Caswell wrote this program and posted it on his blog. However, I find it very useful.
Sometimes when people have problems with their pcap's when they are trying to run them through Snort, I would say 90% of the time, it's because of bad chksums. Now, that's not a bad thing, it's just that people forget to check them.
So this little proggie takes a pcap, rewrites the checksum so its correct, and spits it back out. THEN you can run it through Snort. (Or whatever)
Here is the program that I did not write.
It requires Net::Pcap and Net::Ethereal. Install these through cpan. If you don't know how to do that, well, May God have mercy on your soul. (see link for a judge actually using that quote in a filing. That's awesome. /me claps for that judge.
Credit goes to Brian Caswell. He wrote it. and it rox.
No comments:
Post a Comment