TCPDPRIV
-
Description
-
Tcpdpriv is a program for eliminating confidential information
from packets collected on a network interface (or from trace files
created using the -w argument to tcpdump).
-
Requirements
-
Tcpdpriv is fairly modest in its requirements. It does, however,
require the packet capture library (libpcap).
-
Limitations
-
-
Tcpdpriv currently only works on SunOS, Solaris, and FreeBSD
systems. While it should port to other systems fairly easily, there
have been problems reported porting to Digital Unix running on Alpha
processors; this and other portability problems will hopefully be fixed
in future releases (send diffs!).
-
Link-level headers are passed through unchanged.
-
Tcpdpriv should probably preserve the all-zeroes and all-ones
addresses.
-
It would be nice if tcpdpriv could retain subnet
broadcast information.
-
The -A50 option can be a security concern for some sites (but
it is probably not a concern for most sites). A short analysis of the
security issues with the -A50 option is available.
-
Acknowledgements
-
Written by Greg Minshall of Ipsilon Networks, Inc.
Report bugs to minshall@acm.org.
-
Version
-
The current release is 1.2, dated 31 Oct 05.
-
Restrictions
-
The software is copyrighted by Ipsilon Networks, Inc.
(a "BSD-style" copyright). See the beginning of the source file
tcpdpriv.c for details.
This copyright essentially means you can redistribute
the software freely, provided you keep the authorship information intact.
-
Documentation
-
A man page.
-
Distribution
-
Available in compressed tar format.