View Full Version : Recieve sniffer stream
Diganet
January 17th, 2008, 05:47 AM
As part of a CALEA logging package i would like to know if it's possible to use your product to recieve a sniffer stream instead of listening in promiscious mode on the interface. Stream is in TZSP format (Ethereal) format.
Regards
Henrik Pedersen
Diganet ApS
Denmark
Kevin Zhou
January 17th, 2008, 10:06 PM
{QUOTE-> As part of a CALEA logging package i would like to know if it's possible to use your product to recieve a sniffer stream instead of listening in promiscious mode on the interface. Stream is in TZSP format (Ethereal) format.
Regards
Henrik Pedersen
Diganet ApS
Denmark <-QUOTE}
Hello Henrik,
Thank you for your message.
Assume my understanding is correct, do you mean that whether our product can capture stream in TZSP format or whether stream in TZSP format can be imported into our product? Please explain, we would appreciate if you can send us a TZSP file to support@colasoft.com, or if possible, attach a file in your post.
Best regards,
Kevin
Diganet
January 18th, 2008, 04:30 PM
{QUOTE-> Hello Henrik,
Thank you for your message.
Assume my understanding is correct, do you mean that whether our product can capture stream in TZSP format or whether stream in TZSP format can be imported into our product? Please explain, we would appreciate if you can send us a TZSP file to support@colasoft.com, or if possible, attach a file in your post.
Best regards,
Kevin <-QUOTE}
Kevin,
TSZP is a protocol used to send sniffer streams across an IP network. It is supported by Ethereal (wireshark). In this way it's possible to send sniffs from probes to an application like yours. If you supported it, it would be possible so set up sniffers in several areas of a network and send it all to Capsa.
You can read more about it here: http://en.wikipedia.org/wiki/Tzsp
Regards
Henrik Pedersen
Kevin Zhou
January 18th, 2008, 11:38 PM
{QUOTE-> Kevin,
TSZP is a protocol used to send sniffer streams across an IP network. It is supported by Ethereal (wireshark). In this way it's possible to send sniffs from probes to an application like yours. If you supported it, it would be possible so set up sniffers in several areas of a network and send it all to Capsa.
You can read more about it here: http://en.wikipedia.org/wiki/Tzsp
Regards
Henrik Pedersen <-QUOTE}
Hello Henrik,
Thank you for your valuable information. Unfortunately the current version of Capsa is not supporting this function. However, we think it's very useful. We will consider adding this feature into our future version. Again would you please send us a TSZP file to help us dealing with this? Thank you.
Best regards,
Kevin
vBulletin® Copyright ©2000-2009, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2009, Wilders Security Forums