OpenPacket.org Initial Announcement


I would like to announce that I am working on a project called OpenPacket.org. The mission of OpenPacket.org is to provide quality network traffic traces to researchers, analysts, and other members of the digital security community. One of the most difficult problems facing researchers, analysts, and others is understanding traffic carried by networks. At present there is no central repository of traces from which a student of network traffic could draw samples. OpenPacket.org will provide one possible solution to this problem.

Analysts looking for network traffic of a particular type will visit OpenPacket.org, query the OpenPacket.org Database for matching traces, and download those packets in their original format (e.g., Libpcap, etc.). The analyst will be able to process and analyze that traffic using tools of their choice, like Tcpdump, Snort, Ethereal, and so on.

Analysts who collect their own traffic will be able to submit it to the OpenPacket.org database, assuming it is suitable for public review and meets guidelines to be announced later.

I am currently working with some friends and colleagues on this project. We hope to have OpenPacket.org up and running before the end of the year. At present the OpenPacket.org domain name is "parked," and soon it will simply forward to this blog entry. As we enter Alpha and then Beta status, more will be available through that domain name.

Comments

Anonymous said…
Great idea:)
Anonymous said…
Make sure to provide some anonomyzing tools (or discuss/link to) such as the nice things from caida and others. Unfortunatly, most (all?) of these have trouble with captured data that contain thinks like 802.1q, QinQ, and MPLS tags.. Which make traces that contain that type of data very very hard to share.
Anonymous said…
Richard,

Definitely looking forward to the site and contributing to that community. Let me know if I can help in any way.

Chuck
Anonymous said…
Hey Richard,

This is definitely something that the community has needed for a long time. The problem is most of us don't have the bandwidth (not just the circuit but HW, time, cycles) to do this on our own. Bringing this together on in addition to everything else you are involved in is top notch.

If there is anything that I can do to help, let me know.

-Brandon
Anonymous said…
Very cool. Something that has been needed for a while.

The Ethereal Sample Capture Page is a also good start.


- Matthew Franz
Anonymous said…
If we can provide resources or content from Bleeding Snort, we're happy to. Let me know what you need.

Matt Jonkman
Anonymous said…
I third or fourth the positive comments, once information is available on what is needed I will be happy to contribute as well.

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics