PCAP Sanitization Tool
smb at cs.columbia.edu
Thu Jun 17 13:49:55 UTC 2010
On Jun 17, 2010, at 6:46 51AM, Valdis.Kletnieks at vt.edu wrote:
> On Wed, 16 Jun 2010 18:37:01 PDT, Steven Bellovin said:
>> What's your threat model? In general, proper anonymization of packet
>> trace data is very hard.
> I'll go out on a limb and point out that a large chunk of the difficulty is
> because every protocol has had to invent its own hack-arounds for working
> across a NAT. The resulting lack of standardization making things like
> Wireshark protocol examinations and sanitizing capture data is one of the less
> well-known reasons why NATs are evil.
My complaints are at a deeper level -- even without that, it's really hard.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG