Presentation is loading. Please wait.

Presentation is loading. Please wait.

Xplico: concept, features and demo.

Published byJerome Willis Bishop Modified over 7 years ago

Similar presentations

Presentation on theme: "Xplico: concept, features and demo."— Presentation transcript:

1 Xplico: concept, features and demo.

2 Xplico, NFAT For example, from a pcap file Xplico extracts each (POP, IMAP, SMTP and some webmails protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained.

3 Xplico – GNU's State of art
Decoded protocols Jan. 2010

4 Xplico - Layers and protocols supported
March 2010

5 Xplico – Working modes Modes Offline → PCAP Online → Network adapter
From CLI or web interface ./xplico -m rltm -i eth0

6 Xplico – Some screenshots

7 Xplico - Architecture Dema, Xplico, XI, DB

8 Real time demo of Xplico.
Xplico - Demo Real time demo of Xplico.

9 Xplico - Tips & tricks ”No checksum verification mode” available (solving non trustable software/hardware adquiring data systems). [FOR DEVELOPERS] lastdata.txt, index of decoded information. Non decoded flows are stored.

10 Xplico - Resources Downloads tar.gz (sources) DEB Virtualbox image
Wiki Captures Samples repository Forum (supported directly and quickly by developers).

11 Xplico PCAP capture demo of Xplico. Public pcap samplehttp://wiki.xplico.org/lib/exe/fetch.php?media=pcap:xplico.org_sample_capture_protocols_supported_in_0.5.5.pcap.bz2

12 Xplico Roadmap Short term: Gmail and VoIP dissectors.
Middle term: IM and p2p dissectors. Long term: advanced adquisition and decoding tools. Contributors are welcome.

13 Comments and questions.

Download ppt "Xplico: concept, features and demo."

Similar presentations

Decision Group www.edecision4u.com Forensics Investigation Toolkit (FIT) Layer 7 Content Reconstruction Tool.

Decision Group Forensics Investigation Toolkit (FIT) Layer 7 Content Reconstruction Tool.
E-Detective Series of Products Presentation (2009) Decision Group www.edecision4u.com.

E-Detective Series of Products Presentation (2009) Decision Group
Lawful Interception & Packet Forensics Analysis System Casper Kan Chang Decision Group June 2010.

Lawful Interception & Packet Forensics Analysis System Casper Kan Chang Decision Group June 2010.
Network Forensics and Lawful Interception Total Solutions Provider

Network Forensics and Lawful Interception Total Solutions Provider
 Html is made up of tags. The majority of them will be in pairs.  Some of the most common tags are shown below. TagsWhat does this mean? Bold Italic.

 Html is made up of tags. The majority of them will be in pairs.  Some of the most common tags are shown below. TagsWhat does this mean? Bold Italic.
TCP/IP summary Skills: none IT concepts: review This work is licensed under a Creative Commons Attribution-Noncommercial- Share Alike 3.0 License.

TCP/IP summary Skills: none IT concepts: review This work is licensed under a Creative Commons Attribution-Noncommercial- Share Alike 3.0 License.
Network Analyzer Example

Network Analyzer Example
Chapter 2: Application layer  2.1 Web and HTTP  2.2 FTP 2-1 Lecture 5 Application Layer.

Chapter 2: Application layer  2.1 Web and HTTP  2.2 FTP 2-1 Lecture 5 Application Layer.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.
Mgt 240 Lecture Exam Two Review November 30, 2004.

Mgt 240 Lecture Exam Two Review November 30, 2004.
Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.

Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.
Wireshark and TCP/IP Basics ACM SIG-Security Lance Pendergrass.

Wireshark and TCP/IP Basics ACM SIG-Security Lance Pendergrass.
Introduction 1-1 Chapter 2 FTP & Email Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 IC322 Fall.

Introduction 1-1 Chapter 2 FTP & Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 IC322 Fall.
2: Application Layer1 Chapter 2 Application Layer These slides derived from Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross.

2: Application Layer1 Chapter 2 Application Layer These slides derived from Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross.
Data Communications and Networks

Data Communications and Networks
Forensic and Investigative Accounting

Forensic and Investigative Accounting
Computer Concepts 2014 Chapter 7 The Web and E-mail.

Computer Concepts 2014 Chapter 7 The Web and .
SMTP, POP3, IMAP.

SMTP, POP3, IMAP.
1 Computer Communication & Networks Lecture 27 Application Layer: Electronic mail and FTP Waleed.

1 Computer Communication & Networks Lecture 27 Application Layer: Electronic mail and FTP Waleed.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.

Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.

Similar presentations

Ads by Google