Tuesday, October 11, 2005

~Flowgrep v0.9 powered by Libdistance~

If you attended HITB Sec Conf this year, you might still remember Jose Nazario's shiny presentation on libdistance.

Waking up from the dead this morning, I received an email from Jose saying that he has finished the initial stage of getting libdistance to power flowgrep. I'm totally happy with that, since Jose has really done what I requested during HITB Sec Conf, and I very much appreciate it. I can't wait to try it, so I'm getting it installed on my FreeBSD analyst workstation.

To get flowgrep-0.9 working, install the FreeBSD packages or ports below:

Libnet-1.0.2a
libpcapnav-0.5
python-2.4.1_3
swig-1.3.25_1
perl-5.8.6.2

Once you have all the dependencies, you can download libdistance from Jose's site.

shell>cd /usr/local/src

shell>wget http://monkey.org/~jose/software/libdistance/libdistance-0.2.1.tar.gz

shell>tar xvzf libdistance-0.2.1.tar.gz

shell>cd libdistance-0.2.1

shell>make

To access libdistance from Python, you have to install that too:

shell>cd python

shell>python setup.py install

We are done with libdistance now; time to fetch the flowgrep-0.9 source.

shell>wget http://monkey.org/~jose/software/flowgrep/flowgrep-0.9.tar.gz

shell>tar xvzf flowgrep-0.9.tar.gz

shell>cd flowgrep-0.9

shell>cp flowgrep.py flowgrep

shell>python setup.py install

Flowgrep 0.9 will be installed in /usr/sbin.

I previously installed flowgrep 0.8 from FreeBSD ports, and it doesn't really matter since it is in /usr/local/sbin.
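
With 0.9 in /usr/sbin and 0.8 in /usr/local/sbin, the copy that a bare `flowgrep` starts is decided by PATH order. The shell helper below is an added example, not part of the original post or of flowgrep; the function names (has_exec_bit, find_copies, active_copy, shadowed_copies) are made up for this illustration.

```shell
#!/bin/sh
# Added example (not from the original post): list every copy of a command
# on a PATH-style list, in lookup order. The first line is the one that runs.

# has_exec_bit FILE: regular file (symlinks followed) with any execute bit set.
# Mode bits are read with find so the answer does not depend on who runs this.
has_exec_bit() {
    [ -n "$(find -L "$1" -prune -type f \
        \( -perm -100 -o -perm -010 -o -perm -001 \) 2>/dev/null)" ]
}

# find_copies NAME [PATHLIST]: PATHLIST defaults to $PATH.
# Runs in a subshell so the IFS and noglob changes do not leak to the caller.
find_copies() (
    name=$1
    pathlist=${2-$PATH}
    IFS=:
    set -f
    for dir in $pathlist; do
        [ -n "$dir" ] || dir=.      # an empty PATH entry means the current directory
        if has_exec_bit "$dir/$name"; then
            printf '%s\n' "$dir/$name"
        fi
    done
)

# active_copy NAME [PATHLIST]: the copy a bare command name resolves to.
active_copy() {
    find_copies "$@" | head -n 1
}

# shadowed_copies NAME [PATHLIST]: installed copies that are never reached.
shadowed_copies() {
    find_copies "$@" | tail -n +2
}

# On the workstation described above this would show /usr/sbin/flowgrep (0.9)
# and /usr/local/sbin/flowgrep (0.8) in whatever order root's PATH puts them.
find_copies flowgrep
```

Run it as the user who will actually start flowgrep (for packet capture that is usually root), since each account can have a different PATH.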

Flowgrep version 0.9 has libdistance integrated; it is more powerful now! I still need more time to explore the new Flowgrep; hopefully Jose will improve its performance in the future.

Faithful thanks to Jose Nazario, you are a real Monkey!
