I need to clarify: is there any way or tool to capture customized packets and protocols, like WhatsApp, Skype, etc.? I want to know whether it is possible to combine nDPI with libpcap.

Thank you,

kumar
  • Most things like that are encrypted. Unless you can MITM them (install your certificate as trusted on the endpoint device and intercept the SSL/TLS stream) you won't get relevant data. You may get some metadata, but not the contents of the packets. At best, you can get the structure and/or IPs to which they are communicating. – Goodies Feb 01 '16 at 07:42
  • Thank you for your response, Goodies. My question is: are we able to tap WhatsApp-like protocols to get stats such as header stats, which include payload, length, TTL, etc.? Is it possible or not? If possible, what is the way? Please reply ASAP. Thank you – kumar Feb 01 '16 at 07:49
  • Answer: "yes, it's possible" - A skilled developer will find the necessary information [here](https://msdn.microsoft.com/en-us/library/windows/desktop/aa366071(v=vs.85).aspx) - but since my malware-senses are tingling again I won't point out the details. – specializt Feb 01 '16 at 12:05

1 Answer

PacketLogic DPI devices from Procera Networks have created different kinds of signatures, based on different packet captures at different timestamps, which are used to identify services like WhatsApp and Skype. On that device we can distinguish traffic based on the service and capture packets based on the service.

RahulKrishnan R A
  • Yes Rahul, I know about that library. But if we combine tcpdump and nDPI we will get the header and payload stats for Skype and WhatsApp, right? Please provide the solution for that. Please provide the signature sample also. I will go through it. – kumar Feb 04 '16 at 06:37
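
Added example (not part of the original thread, and not nDPI or libpcap code): the header-level statistics asked about in the comments (packets, IP length, payload length and TTL per flow) can be read from a capture even when the payload is encrypted. This Python code parses a classic pcap file directly; the sample capture, the addresses and the function names are constructed for illustration, and labelling a flow as a particular application (the part nDPI or a DPI signature would do) is not implemented.

```python
import struct

def build_sample_pcap():
    """Constructed sample: one TCP and one UDP packet in a classic pcap file."""
    def frame(proto, ttl, src, dst, l4):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0,
                         ttl, proto, 0, bytes(src), bytes(dst))
        return b"\x00" * 12 + b"\x08\x00" + ip + l4   # zeroed MACs, IPv4
    tcp = struct.pack("!HHIIBBHHH", 50000, 443, 0, 0, 0x50, 0x18, 1024, 0, 0)
    udp = struct.pack("!HHHH", 40000, 3478, 8 + 12, 0)
    pkts = [frame(6, 64, (10, 0, 0, 2), (192, 0, 2, 10), tcp + b"\x17" * 40),
            frame(17, 128, (10, 0, 0, 2), (192, 0, 2, 20), udp + b"\x00" * 12)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for p in pkts:
        out += struct.pack("<IIII", 0, 0, len(p), len(p)) + p
    return out

def header_stats(pcap):
    """Per-flow counters taken only from IPv4/TCP/UDP headers."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    end = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)
    if end is None or struct.unpack_from(end + "I", pcap, 20)[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    flows = {}
    off = 24                                   # skip the global header
    while off + 16 <= len(pcap):
        caplen = struct.unpack_from(end + "I", pcap, off + 8)[0]
        f, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        if len(f) < 34 or f[12:14] != b"\x08\x00" or f[14] >> 4 != 4:
            continue                           # not IPv4 (VLAN, IPv6, ARP...)
        ihl, total = (f[14] & 0x0F) * 4, struct.unpack_from("!H", f, 16)[0]
        ttl, proto, l4 = f[22], f[23], 14 + (f[14] & 0x0F) * 4
        if struct.unpack_from("!H", f, 20)[0] & 0x1FFF:
            continue                           # later fragment: no L4 header
        if proto == 6 and len(f) >= l4 + 20:
            name, l4_len = "tcp", (f[l4 + 12] >> 4) * 4
        elif proto == 17 and len(f) >= l4 + 8:
            name, l4_len = "udp", 8
        else:
            continue
        sport, dport = struct.unpack_from("!HH", f, l4)
        src, dst = (".".join(map(str, f[i:i + 4])) for i in (26, 30))
        s = flows.setdefault((src, sport, dst, dport, name), {
            "packets": 0, "ip_bytes": 0, "payload_bytes": 0, "ttls": set()})
        s["packets"] += 1
        s["ip_bytes"] += total
        s["payload_bytes"] += total - ihl - l4_len
        s["ttls"].add(ttl)
    return flows
```

The flow key (addresses, ports, transport) is the unit a classifier would label; here it is only used to group the header counters.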