|
Xplico is a network forensics analysis tool (NFAT), which is a software that reconstructs the contents of acquisitions performed with a packet sniffer (e.g. Wireshark, tcpdump, Netsniff-ng). Unlike the protocol analyzer, whose main characteristic is not the reconstruction of the data carried by the protocols, Xplico was born expressly with the aim to reconstruct the protocols's application data and it is able to recognize the protocols with a technique named Port Independent Protocol Identification (PIPI).〔(【引用サイトリンク】title=ISSA Journal )〕 The name "xplico" refers to the latin verb (explico ) and its significance. Xplico is free and open-source software, subject to the requirements of the GNU General Public License (GPL), version 2. ==Overview== To clarify what Xplico does we can imagine to have the raw data (Ethernet or PPP) of a web navigation (HTTP protocol), in this case Xplico is able to extract and reconstruct all the Web pages and contents (images, files, cookies, and so on). Similarly Xplico is able to reconstruct the e-mail exchanged with the IMAP, POP and SMTP protocols. Among the protocols that Xplico identifies and reconstructs there are VoIP, MSN, IRC, HTTP, IMAP, POP, SMTP and FTP. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Xplico」の詳細全文を読む スポンサード リンク
|