Recieve sniffer stream

As part of a CALEA logging package i would like to know if it's possible to use your product to recieve a sniffer stream instead of listening in promiscious mode on the interface. Stream is in TZSP format (Ethereal) format.

Regards

Henrik Pedersen
Diganet ApS
Denmark

 

Hello Henrik,

Thank you for your message.

Assume my understanding is correct, do you mean that whether our product can capture stream in TZSP format or whether stream in TZSP format can be imported into our product? Please explain, we would appreciate if you can send us a TZSP file to support@colasoft.com, or if possible, attach a file in your post.

Best regards,

Kevin

 

Kevin,

TSZP is a protocol used to send sniffer streams across an IP network. It is supported by Ethereal (wireshark). In this way it's possible to send sniffs from probes to an application like yours. If you supported it, it would be possible so set up sniffers in several areas of a network and send it all to Capsa.

You can read more about it here: http://en.wikipedia.org/wiki/Tzsp

Regards

Henrik Pedersen

 

Hello Henrik,

Thank you for your valuable information. Unfortunately the current version of Capsa is not supporting this function. However, we think it's very useful. We will consider adding this feature into our future version. Again would you please send us a TSZP file to help us dealing with this? Thank you.

Best regards,

Kevin