Hi,
How about:
tshark -x > capture.txt
security review
text2pcap capture.txt capture.pcap
With the loss of timestamp info though.
Thanx,
Jaap
On Tue, 14 Nov 2006, frap puccino wrote:
> I work for the Navy and because some of our lab captures are done in a
> secret/classified environment, in order to remove the traces from the lab,
> we need to make them human readable to ensure to security officials that
> there isn't secret data hidden in the traces. Although we could provide
> "tcpdump -w" output, the problem we have is that we'd still like to be able
> to use analyzer tools that require libpcap format data after the data leaves
> the secret/classified lab. So we are looking into ways to translate libpcap
> binary outputs to readable text then back to libpcap binary format.
>
> We were hoping someone has already written a utility that would translate
> libpcap output into something human readable, such as xml, and perhaps there
> would then be a capability to translate it back to libpcap format too. If
> anyone has heard about something out there that does this, please let us
> know.
>
> Any feedback on other ideas to make this work would be appreciated.
>
> Thanks for your help.
>
