I like security visualization tools because they help you interpret computer events easily. Here's how I got NetGrok running on my Apple laptop -
Download and install Jpcap -
shell>wget http://netresearch.ics.uci.edu/kfujii/jpcap/jpcap-0.7.tar.gz
shell>tar xvzf jpcap-0.7.tar.gz
shell>cd jpcap-0.7/src/c
shell>make
shell>cp libjpcap.jnilib /Library/Java/Extensions/
shell>cp ../../jpcap.jar /Library/Java/Extensions/
Download and run NetGrok
shell>wget http://netgrok.googlecode.com/files/netgrok20080928.zip
shell>unzip netgrok20080928.zip
shell>cd Netgrok
There's a problem with the file groups.ini; you have to change this line -
Private1=Wireless=192.168.0.0/16
To -
Private1-Wireless=192.168.0.0/16
Now you can run NetGrok without problems -
shell>java -jar netgrok20080928.jar
Below are two screenshots I took -
You might want to check it out; it definitely supports pcap format files! For more information, check out the NetGrok site.
Cheers (;])
1 comment:
Great info - thank you. One note: I found jpcap.jar in [jpcap-0.7 dir]/lib, so ../../ won't reach it from src/c