OpenPacket.org 1.0 Is Live

Nearly three years after the initial post describing the idea , I am happy to report that OpenPacket.org 1.0 is ready for public use, free of charge.

The mission of OpenPacket.org is to provide quality network traffic traces to researchers, analysts, and other members of the digital security community. One of the most difficult problems facing researchers, analysts, and others is understanding traffic carried by networks. At present there is no central repository of traces from which a student of network traffic could draw samples. OpenPacket.org will provide one possible solution to this problem.

Analysts looking for network traffic of a particular type can visit OpenPacket.org, query the OpenPacket.org capture repo for matching traces, and download those packets in their original format (e.g., Libpcap, etc.). The analyst will be able to process and analyze that traffic using tools of their choice, like Tcpdump, Snort, Ethereal, and so on.

Analysts who collect their own traffic will be able to submit it to the OpenPacket.org database after they register.

Anonymous users can download any trace that's published. Only registered users can upload. This system provides a level of accountability for trace uploads.

Our moderators will review the trace to ensure it does not contain any sensitive information that should not be posted publicly. Besides appearing on the site, once a trace has been published you can receive notice of it via this published trace RSS feed.

If you have any doubt regarding the publication of a trace, do not try to submit it. When moderators are unsure of the nature of a trace, we will reject it. OpenPacket.org is not a vehicle for publishing enterprise data as contained in network traffic.

I would like to thank all the people who submitted suggestions and did feature testing via the openpacket-devel mailing list. If you have issues regarding usage of the site, consider subscribing to the openpacket-users mailing list or post to the OpenPacket.org Forums.

As time permits I will probably post more on how to use OpenPacket.org strictly on the OpenPacket Blog. I will minimize cross-posting to TaoSecurity Blog and OpenPacket Blog.

I save my final thanks for Sharri Parsell, our Web developer, and JJ Cummings for hosting OpenPacket.org. Without your work we would not have a site!

OpenPacket.org Almost Ready to Launch

I think we're almost ready to go live. I asked Sharri to take a look at the ability to remove traces once published, and a few other minor items. Assuming she can make those changes, I'd like to post word of OpenPacket.org on the TaoSecurity Blog on Wednesday 2 April.

If you have any final testing you'd like to do, please do so before we go "live."

OpenPacket.org is available at http://www.openpacket.org.

OpenPacket.org RC2

Thanks to yet more excellent, all-volunteer work by our developer Sharri Parsell, I am happy to notify you RC2 of OpenPacket.org is now available at

http://beta.openpacket.org:8080/

Thank you to JJC of www.redsphereglobal.com for continuing to provide hosting. JJC will host the site until it appears that we are outgrowing his generosity. If you would like to sponsor us, please contact me (taosecurity at gmail dot com).

Please take another look at the site and report feedback to the openpacket-devel@lists.sourceforge.net mailing list.

This site is considered RC2 quality. We plan to announce RELEASE on 20 February to coincide with the first day of Black Hat DC Briefings.

If you are interested in assessing the security of the site, please contact me directly. We can coordinate with Sharri and JJC to ensure your discoveries do not catch us by surprise. We appreciate those of you who did some XSS testing -- please try again and let us know what you find.

OpenPacket.org RC1

Thanks to even more excellent, all-volunteer work of our developer Sharri Parsell, I am happy to notify you RC1 of OpenPacket.org is now available at

http://beta.openpacket.org:8080/

Thank you to JJC of www.redsphereglobal.com for continuing to provide free temporary hosting. We are working on a more permanent solution, but if you have ideas now please let me know.

Please take a look and report feedback to the openpacket-devel@lists.sourceforge.net mailing list.

This site is considered RC1 quality. We plan to announce RC2 on 18 January, followed by a public RELEASE on 1 February.

If you are interested in assessing the security of the site, please contact me directly. We can coordinate with Sharri and JJC to ensure your discoveries do not catch us by surprise. We appreciate those of you who did some XSS testing -- please try again and let us know what you find.