PCAP Sanitization Tool

Steven Bellovin smb at cs.columbia.edu
Thu Jun 17 08:49:55 CDT 2010


On Jun 17, 2010, at 6:46 51AM, Valdis.Kletnieks at vt.edu wrote:

> On Wed, 16 Jun 2010 18:37:01 PDT, Steven Bellovin said:
>> What's your threat model?  In general, proper anonymization of packet
>> trace data is very hard.
> 
> I'll go out on a limb and point out that a large chunk of the difficulty is
> because every protocol has had to invent its own hack-arounds for working
> across a NAT. The resulting lack of standardization making things like
> Wireshark protocol examinations and sanitizing capture data is one of the less
> well-known reasons why NATs are evil.

My complaints are at a deeper level -- even without that, it's really hard.

		--Steve Bellovin, http://www.cs.columbia.edu/~smb









More information about the NANOG mailing list