Wednesday, January 11, 2012

Large Scale Pcap Analysis

It seems that storage is not much of an issue when it comes to packet capture anymore, with terabytes becoming common everywhere, and many network analysis tools seem to be gearing toward large-scale pcap data analysis. Bro-IDS has extended its functionality by using tons of community hardware and TimeMachine to capture and analyze network data, and now I have just read about people at RIPE NCC doing this using Apache Hadoop:

https://labs.ripe.net/Members/wnagele/large-scale-pcap-data-analysis-using-apache-hadoop

As we also know, pcapr is making use of cloud technology to share and analyze pcap data for the internet community.

Enjoy ;]

1 comment:

Martin said...

If you liked TimeMachine, check out my streamdb.googlecode.com project. We use it every day to retrieve any stream in 10 TB of data in under a second, fully parsed for display. I featured it in my talk at the Bro Workshop this year.