1 / 20

The FoxReplay Analyst

The FoxReplay Analyst. Dirk Peeters, Fox-IT. What is FoxReplay Analyst?. FoxReplay Analyst is a platform to fully benefit from intercepted Internet Analyst renders intercepted packets into an attractive interface for both technical and non-technical personnel Accepts packets from many sources.

cleary
Download Presentation

The FoxReplay Analyst

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The FoxReplay Analyst Dirk Peeters, Fox-IT

  2. What is FoxReplay Analyst? • FoxReplay Analyst is a platform to fully benefit from intercepted Internet • Analyst renders intercepted packets into an attractive interface for both technical and non-technical personnel • Accepts packets from many sources

  3. What is FoxReplay Analyst? (2) • Multi-user, multi-team, multi-intercept, simultaneous analysis • Support for many protocols, both classic and modern alike • Gmail, Yahoo, Maktoob, MSN • “Virtual Replay of what really happened”

  4. FoxReplay Analyst, an example

  5. What is FoxReplay Analyst? (3)

  6. FoxReplay Analyst flexibility overview OS independent front-end: MS Windows, Linux, OSX PCAP, User comments, Displayed data PCAP, TIIT, ETSI in batched files or streaming FoxReplay Analyst Link Analysis data Custom processing tools DB

  7. FoxReplay Analyst flexibility (1) • Accept packets from many sources: • Support for various Interception and Collection devices • Data can be offered to FoxReplay in batch or streaming mode • Flexible user and wiretap administration: • Independent of organizational structure

  8. FoxReplay Analyst flexibility (2) • Easy to use Graphical User Interface • Export from user interface to zip-file • PCAP of original IP data • XML file with metadata and user-made annotations • Raw event data • Command-line tools for export and administration • Direct database access

  9. Benefits for your organization • Easy to learn content analysis of modern day Internet traffic • Multi user, multi wiretap, with fine grained user control: Make it fit to your organization • Many input and export capabilities • Easy integration of custom tools, with or without telling us (i.e. special decryption tools)

  10. Modes of Operation • Three major operational modes: • Standalone • to complement your current solution • to solve compliancy problems • Small installation • Delivered together with probe, mediation function • Can serve several users • Major deployment • Agency wide, high bandwidth • FoxReplay Analyst can work with data from almost all vendors

  11. FoxReplay Analyst Goals • All authorized employees should be able to analyze intercepted internet: • Not just the technically skilled • Abilities for high-level overviews allowing for zooming in to details • Must support known protocols • A new protocol must be supported instantly • 100% natural display of intercepted data

  12. FoxReplay Analyst: High level (1)

  13. FoxReplay Analyst: High level (2)

  14. FoxReplay Analyst: Mid level

  15. FoxReplay Analyst: in-depth

  16. Multi-language support

  17. Seeing is believing • Challenge: send us an example of intercepted internet traffic(PCAP/TCPDUMP for example)‏ • We will show you the result

  18. FoxReplay Analyst “It’s as easy as looking over your target’s shoulder” http://www.foxreplay.eu FOXREPLAY ANALYST

More Related