[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PCAP Sanitization Tool

Subject: PCAP Sanitization Tool
From: smb at cs.columbia.edu (Steven Bellovin)
Date: Thu, 17 Jun 2010 06:49:55 -0700
In-reply-to: <98375.1276782411@localhost>
References: <[email protected]> <[email protected]> <98375.1276782411@localhost>

On Jun 17, 2010, at 6:46 51AM, Valdis.Kletnieks at vt.edu wrote:

> On Wed, 16 Jun 2010 18:37:01 PDT, Steven Bellovin said:
>> What's your threat model?  In general, proper anonymization of packet
>> trace data is very hard.
> 
> I'll go out on a limb and point out that a large chunk of the difficulty is
> because every protocol has had to invent its own hack-arounds for working
> across a NAT. The resulting lack of standardization making things like
> Wireshark protocol examinations and sanitizing capture data is one of the less
> well-known reasons why NATs are evil.

My complaints are at a deeper level -- even without that, it's really hard.

		--Steve Bellovin, http://www.cs.columbia.edu/~smb

References:
- PCAP Sanitization Tool
  - From: mbein at iso-ne.com (Bein, Matthew)
- PCAP Sanitization Tool
  - From: smb at cs.columbia.edu (Steven Bellovin)
- PCAP Sanitization Tool
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)

Prev by Date: PCAP Sanitization Tool
Next by Date: Advice regarding Cisco/Juniper/HP
Previous by thread: PCAP Sanitization Tool
Next by thread: PCAP Sanitization Tool
Index(es):
- Date
- Thread