Hi there, I am working on a signature-based IDS. For this I have captured the TCP/IP traffic through Wireshark and got a pcap file, and I want to extract some fields from the packet itself. How do I do this? I have been searching through the Internet and got the idea of installing the libpcap library, but I have found it difficult to install it properly. I am hoping that someone is going to help me in this regard, especially Mr. arunmagar
Web Spider
Recommended Answers
libpcap is just the library that enables you to capture the network traffic. If the data you are capturing is not a protocol that WireShark already handles then your only options are to extract the data by hand (i.e. copy it off the screen or export to a text format …
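For the question above, one way to read IPv4/TCP header fields straight out of a capture file without installing libpcap, as an added example that is not part of the original thread. It assumes the capture was saved in classic pcap format (not pcapng) with Ethernet framing; the sample packet, addresses and function names are constructed for illustration.

```python
import socket
import struct

def build_sample_pcap():
    """Constructed sample: one Ethernet/IPv4/TCP packet in classic pcap format."""
    payload = b"GET / HTTP/1.1\r\n"
    eth = bytes(12) + struct.pack("!H", 0x0800)            # zeroed MACs, EtherType IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.5"))
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 2000, 5 << 4, 0x18, 8192, 0, 0)
    frame = eth + ip + tcp + payload                       # checksums left at 0
    ghdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1
    rhdr = struct.pack("<IIII", 0, 0, len(frame), len(frame))
    return ghdr + rhdr + frame

def extract_fields(pcap):
    """Return one dict of IPv4/TCP fields per TCP packet in a pcap byte string."""
    # The magic number tells us the byte order of the file and record headers.
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if len(pcap) < 24 or end is None:
        raise ValueError("unsupported file: only microsecond classic pcap handled")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only the Ethernet link type is handled")
    out, off = [], 24
    while off + 16 <= len(pcap):
        caplen = struct.unpack(end + "IIII", pcap[off:off + 16])[2]
        pkt = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        # Skip truncated frames and anything that is not IPv4 over Ethernet.
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[14] >> 4 != 4:
            continue
        t = 14 + (pkt[14] & 0x0F) * 4                      # TCP header offset (IHL)
        if pkt[23] != 6 or len(pkt) < t + 20:              # IP protocol 6 = TCP
            continue
        total_len = struct.unpack("!H", pkt[16:18])[0]
        sport, dport, seq, ack, offres, flags = struct.unpack("!HHIIBB", pkt[t:t + 14])
        out.append({
            "src": socket.inet_ntoa(pkt[26:30]), "dst": socket.inet_ntoa(pkt[30:34]),
            "ttl": pkt[22], "sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags,
            "payload": pkt[t + (offres >> 4) * 4:14 + total_len],
        })
    return out

if __name__ == "__main__":
    for fields in extract_fields(build_sample_pcap()):
        print(fields)
```

To run it on a real capture, pass `open("capture.pcap", "rb").read()` to `extract_fields` (the file name is a placeholder); the `payload` bytes are what a signature would be matched against.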