Robert Graham on TurboCap

I liked Robert Graham's post on CACE Technologies TurboCap. I don't necessarily think TurboCap is that exciting, but I learned a lot of tricks reading Robert's explanation of how to collect packets quickly for traffic inspection purposes. I've discussed some of them, like device polling on FreeBSD.

By the way, don't forget to upgrade to Wireshark 1.0.2.

