[Intrusions] Looking to split a 4 gig windump file
Jack McCarthy
intrusion.list at jackmccarthy.com
Thu Mar 10 19:04:00 GMT 2005
Why off list? Sounds like it's on topic to me and I'm sure we'd all like to
know the results...at least I would.
If you've already installed Ethereal, then you should have Editcap installed
too.
http://www.ethereal.com/docs/man-pages/editcap.1.html
Running this from a command line cuts a 593mb cap file down to 273mb - first
half of the file.
c:\> editcap -r infile outfile 1-300000
and this gives me the second half at 320mb.
c:\> editcap -r infile outfile 300001-900000
Adjust your numbers accordingly and it should work.
-jack
--- anthony reyes <areyesny at yahoo.com> wrote:
>
> Hi all,
>
> Im looking to split a 4Gig Windump file. I've tried
> several ways in both Linux & Windows with no success.
>
> I've used tcpsplit, split, ethereal, Iris, windump,
> tcpdump, snort, snortsnarf, acid, grep (painful) and
> several other ways. Any ideas. Please contact me off
> the list.
>
> Thanks,
>
> Anthony Reyes
>
>
>
> ---------------------------------
> Celebrate Yahoo!'s 10th Birthday!
> Yahoo! Netrospective: 100 Moments of the Web
> _______________________________________________
> Intrusions mailing list
> Intrusions at lists.sans.org
> http://www.dshield.org/mailman/listinfo/intrusions
>
More information about the Intrusions
mailing list