Bug 543098 - net-analyzer/dshell - extensible network forensic analysis framework
Summary: net-analyzer/dshell - extensible network forensic analysis framework
Status: UNCONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
Importance: Normal enhancement
Assignee: Default Assignee for New Packages
URL: https://github.com/USArmyResearchLab/...
Reported: 2015-03-13 00:11 UTC by Michael Lawrence
Modified: 2015-11-07 05:36 UTC (History)


Description Michael Lawrence 2015-03-13 00:11:55 UTC
Dshell
An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures.

Key features:

- Robust stream reassembly
- IPv4 and IPv6 support
- Custom output handlers
- Chainable decoders

Prerequisites:

- Linux (developed on Ubuntu 12.04)
- Python 2.7
- pygeoip, GNU Lesser GPL
- MaxMind GeoIP Legacy datasets
- PyCrypto, custom license
- dpkt, New BSD License
- IPy, BSD 2-Clause License
- pypcap, New BSD License

Reproducible: Didn't try




Other dshell search leaves a Portage-related blob.
Comment 1 Michael Lawrence 2015-11-07 05:36:12 UTC
https://github.com/necrose99/necromancy-overlay/blob/master/app-forensics/dshell/dshell-9999.ebuild

Speculative ebuild, based on yara-python (pentoo-overlay) for skel; I have not had a chance to test.

Just moved laptops; second drive had my dual-boot Gentoo environment. >/dev/dying oh no..... :-(
Will have to pull into my VM (ugh, slow).
Anyhow, I'm hoping upstream would also start tagging releases and/or making them in tarballs, thus actual versions for ebuilds, but no luck.