
Bug 543098

Summary: net-analyzer/dshell - extensible network forensic analysis framework
Product: Gentoo Linux
Reporter: Michael Lawrence <mike>
Component: New packages
Assignee: Default Assignee for New Packages <maintainer-wanted>
Status: UNCONFIRMED ---    
Severity: enhancement    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://github.com/USArmyResearchLab/Dshell
Whiteboard:
Package list:
Runtime testing required: ---

Description Michael Lawrence 2015-03-13 00:11:55 UTC
Dshell
An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures.

Key features:

Robust stream reassembly
IPv4 and IPv6 support
Custom output handlers
Chainable decoders

Prerequisites

Linux (developed on Ubuntu 12.04)
Python 2.7
pygeoip, GNU Lesser GPL
MaxMind GeoIP Legacy datasets
PyCrypto, custom license
dpkt, New BSD License
IPy, BSD 2-Clause License
pypcap, New BSD License

Reproducible: Didn't try

Other dshell search leaves a Portage-related blob.
Comment 1 Michael Lawrence 2015-11-07 05:36:12 UTC
https://github.com/necrose99/necromancy-overlay/blob/master/app-forensics/dshell/dshell-9999.ebuild

Speculative ebuild, based on yara-python (pentoo-overlay) for skel; I have not had a chance to test.

Just moved laptops; second drive had my dual-boot Gentoo environment. >/dev/dying oh no..... :-(
Will have to pull into my VM (ughh, slow).
Anyhow, I'm hoping upstream would also start tagging releases and/or making them in tarballs, thus actual versions for ebuilds, but no luck.