Updates PcapsE-OS X v-1.1: a wrapper of tcpreplay directly integrated on Mac OS X for the execution of caps files.

Changes in v-1.1: bug fixes and major changes

PcapsE-OS X is a wrapper of tcpreplay directly integrated on Mac OS X Mavericks 10.9.3. It executes caps files that generate simulated malware traffic, either to test a Mac OS X based IDS or to redirect the simulated malware traffic on the IDS interface to other devices that perform event correlation. You need to install libnet and tcpreplay: run sudo port install libnet11 @1.1.6_2, install tcpreplay-4.0.4.tar.gz, and install MonoFramework-MRE-2.10.11.macos10.xamarin.x86, which provides a Common Language Runtime on Mac OS X.

Run Malware caps

Features
PcapsE-OS X is a wrapper of tcpreplay directly integrated on Mac OS X Mavericks 10.9.3 for executing caps files that generate simulated malware traffic. The traffic is used to test the effectiveness of a Mac OS X based IDS, or is redirected on the IDS interface to other devices that perform event correlation, to test their effectiveness. You need to install libnet and tcpreplay. For libnet, run sudo port install libnet11 @1.1.6_2; then install tcpreplay-4.0.4.tar.gz and MonoFramework-MRE-2.10.11.macos10.xamarin.x86, which provides the Common Language Runtime on Mac OS X. PcapsE-OS X must be installed on the same platform that hosts the IDS, and all the traffic it generates should be directed to the IDS interface, in order to test the effectiveness of the IDS or of the devices that perform event correlation and receive the simulated malware traffic redirected from the IDS interface. Figures 2 and 3 show the use of PcapsE-OS X and the next step, packet capture with Wireshark.

PcapsE-OS X

Figure 3 illustrates the use of PcapsE-OS X by comparing the sniffed malware traffic of the executed caps with the corresponding malware traffic contained in the .cap file, which I renamed to .pcap because Wireshark reads only files with the .pcap extension. Note: to run PcapsE-OS X you need to be root. The update source for option 39 is Malware-Traffic-Analysis. Install Rename.dmg, contained in PcapsE-OS X v.1.0.tgz, use the Rename program to change the extension of .pcap files to .cap, and read the instructions for configuring Mac OS X Syslogd.
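Renaming a capture between .cap and .pcap changes only the file name. The following added example (not part of PcapsE-OS X or the original post) reads the classic libpcap header and record framing of a capture before it is replayed; the function names and the two-packet sample are constructed for illustration.

```python
import struct

# Classic libpcap magic bytes -> (struct byte order, timestamp resolution)
MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", "microsecond"),
    b"\xa1\xb2\xc3\xd4": (">", "microsecond"),
    b"\x4d\x3c\xb2\xa1": ("<", "nanosecond"),
    b"\xa1\xb2\x3c\x4d": (">", "nanosecond"),
}

def inspect_capture(data):
    """Summarise a classic libpcap capture; raise ValueError if it is not one."""
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a classic libpcap capture")
    order, resolution = MAGICS[data[:4]]
    # Global header after the magic: version, timezone, sigfigs, snaplen, link type
    major, minor, _, _, snaplen, linktype = struct.unpack(order + "HHiIII", data[4:24])
    packets = truncated = 0
    offset = 24
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("record header cut short at offset %d" % offset)
        # Per-packet header: ts_sec, ts_frac, captured length, original length
        _, _, caplen, origlen = struct.unpack(order + "IIII", data[offset:offset + 16])
        if offset + 16 + caplen > len(data):
            raise ValueError("packet data cut short at offset %d" % offset)
        packets += 1
        truncated += caplen < origlen  # replay would send only the captured bytes
        offset += 16 + caplen
    return {"version": (major, minor), "resolution": resolution, "snaplen": snaplen,
            "linktype": linktype, "packets": packets, "truncated": truncated}

def build_sample():
    """Constructed two-packet Ethernet capture; the second packet is truncated."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    rec1 = struct.pack("<IIII", 1400000000, 0, 60, 60) + b"\x00" * 60
    rec2 = struct.pack("<IIII", 1400000001, 0, 40, 1514) + b"\x00" * 40
    return header + rec1 + rec2

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:  # inspect a capture file given on the command line
        with open(sys.argv[1], "rb") as fh:
            print(inspect_capture(fh.read()))
    else:                  # otherwise show the constructed sample
        print(inspect_capture(build_sample()))
```

The result depends only on the file's bytes, so the same capture gives the same summary under either extension.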

Menu PcapsE-OS X

Options:
(1) Chat
(2) Unix
(3) Microsoft
(4) Mac OS X
(5) Network
(6) DHCP
(7) Firewalls
(8) Routers
(9) Proxy
(10) Switches
(11) HTTP
(12) HTTPS
(13) DNS
(14) SW
(15) Nessus
(16) Tacacs+
(17) Vmware
(18) Backdoors
(19) Citrix
(20) Mail
(21) P2P
(22) SQL
(23) Web
(24) XSS
(25) Exploits
(26) Xprobe
(27) Nmap
(28) Telnet
(29) SSH
(30) FTP
(31) Vnc
(32) Radius
(33) Tor
(34) Malware
(35) DoS
(36) Botnet
(37) Openssl
(38) Malware News
(39) Updates of pcap

Download Latest Version : PcapsE-OS X V.1.1.tgz (75.3 MB)
Source: http://pcapse.sourceforge.net/