Good news for the fans of NetworkMiner! A new version is out! These are the features added in NetworkMiner 0.88:
* Support for the Cisco HDLC (cHDLC) layer 2 protocol
* Support for Linux cooked captures (a layer 2 packet format often generated by tcpdump)
* Support for IPv6
* Parsing of SSH (only to extract SSH version and application banner to “host details”, I’m not trying to bruteforce the SSH encryption key or Diffie-Hellman handshake)
* Parsing of the Spotify authentication protocol to extract the Spotify username (displayed under “credentials”)
* Parsing of the SIP protocol (used in VoIP) to extract the SIP username (often an email address) and display it under “host details”
Seems like /erik has been working a lot on SIP these days eh? Thanks for the update /erik!
You can download the updated version here.

{ 2 comments }
I downloaded the tool from Sourceforge and it contained the w32.Waldec (according to Symantec Endpoint Protection)
Hi Bruce! Thanks for your comment! We tested this tool with other antivirus products. They do not detect any malware! For the time being, you can exclude this directory from Symantec Endpoint Protection. Do not worry! You can surely trust Sourceforge and the tools listed there. Before we post, we also check how the tool works and whether it is infected. Hope this helps you.