cxtracker, Information, OpenSourceSoftware, Security, Sguil

CxTracker – A passive network connection tracker…

I just tested my latest perl project, cxtracker, with sguil.

CxTracker (Connection Tracker) is a passive network connection tracker for profiling, history, auditing and network discovery. It can be used as a replacement for sancp in the sguil setup.

I started implementing this because I am thinking of making prads a bit more connection oriented. Instead of branching prads, I started a small Perl script, and I quickly saw that it could do well as a standalone daemon in my sguil environment. So it now has its own life.

I will polish it a bit more, and then start porting the functionality into prads for some performance testing. The idea is that by making prads aware of connections, one can run regexps on parts of the traffic rather than on all of it (to save CPU cycles on TCP/UDP service/client detection).
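The idea above, sketched as an added example (this is not cxtracker or prads code): a connection table keyed on a direction-independent 5-tuple, with signature regexps run only on the first payload packets of each connection. The signatures, the `INSPECT_LIMIT` value, the record fields and the sample packets are all assumptions constructed for illustration.

```python
import re
from collections import namedtuple

Packet = namedtuple("Packet", "ts sip sport dip dport proto payload")
# Hypothetical service signatures for illustration (not taken from prads).
SIGNATURES = [("ssh", re.compile(rb"^SSH-\d\.\d+-")),
              ("http", re.compile(rb"^HTTP/1\.[01] \d{3}"))]
INSPECT_LIMIT = 2  # assumption: match only the first N payload packets per connection

class Tracker:
    def __init__(self):
        self.conns = {}      # normalized 5-tuple -> connection record
        self.regex_runs = 0  # regexp evaluations actually performed

    def handle(self, p):
        # Sort the endpoints so both directions land in the same record.
        a, b = (p.sip, p.sport), (p.dip, p.dport)
        key = (p.proto,) + (a + b if a <= b else b + a)
        c = self.conns.setdefault(key, {"first": p.ts, "packets": 0, "bytes": 0,
                                        "inspected": 0, "service": None})
        c["last"] = p.ts
        c["packets"] += 1
        c["bytes"] += len(p.payload)
        # Connection awareness: stop matching once identified or past the limit.
        if c["service"] is None and p.payload and c["inspected"] < INSPECT_LIMIT:
            c["inspected"] += 1
            for name, rx in SIGNATURES:
                self.regex_runs += 1
                if rx.search(p.payload):
                    c["service"] = name
                    break

# Constructed sample traffic (documentation addresses, made-up payloads).
C, S = "192.0.2.10", "198.51.100.5"
SAMPLE = [
    Packet(1, C, 40000, S, 22, 6, b""),
    Packet(2, S, 22, C, 40000, 6, b"SSH-2.0-OpenSSH_5.1\r\n"),
    Packet(3, C, 40001, S, 80, 6, b"GET / HTTP/1.1\r\n\r\n"),
    Packet(4, S, 80, C, 40001, 6, b"HTTP/1.1 200 OK\r\n\r\n"),
    Packet(5, S, 80, C, 40001, 6, b"<html>...</html>"),
    Packet(6, C, 40002, S, 9999, 17, b"\x01\x02"),
    Packet(7, S, 9999, C, 40002, 17, b"\x03\x04"),
    Packet(8, C, 40002, S, 9999, 17, b"\x05\x06"),
]

def run_sample():
    t = Tracker()
    for p in SAMPLE:
        t.handle(p)
    return t
```

On the sample, the tracker performs 9 regexp evaluations across three connections; the HTTP body and the third packet of the unidentified UDP flow are counted but never matched.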

Check it out/Clone it! Feedback is always welcome!

“Know your connections!”
