PCAP Sanitization Tool

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Thu Jun 17 08:46:51 CDT 2010


On Wed, 16 Jun 2010 18:37:01 PDT, Steven Bellovin said:
> What's your threat model?  In general, proper anonymization of packet
> trace data is very hard.

I'll go out on a limb and point out that a large chunk of the difficulty is
because every protocol has had to invent its own hack-arounds for working
across a NAT. The resulting lack of standardization making things like
Wireshark protocol examinations and sanitizing capture data is one of the less
well-known reasons why NATs are evil.

I'll cut FTP some slack - it dates back *so* far we can legitimately
say we just didn't know any better way back in the Stone Age. ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20100617/62380c20/attachment.bin>


More information about the NANOG mailing list