We’re excited to have another great android app that can perform packet capture and upload to CloudShark. Lostnet Soft’s App and Geo Firewall for Android devices lets you take full control of your mobile network connection, limiting what apps are allowed to use and observing the biggest offenders of data usage and sharing. The firewall lets you set rules on both a per app and per location basis, so you can block access to addresses in particular countries if you suspect that there may be security violations, malware, or sharing of data that you did not approve.
As many are aware (as it’s now become national news), a vulnerability was recently discovered in OpenSSL dubbed Heartbleed. The attack centers around the implementation of the Heartbeat extension in OpenSSL which causes a server to return the contents of memory that should be protected. This blogpost by Troy Hunt describes the vulnerability in detail: Everything you need to know about the Heartbleed SSL bug. Being packet geeks, naturally we wanted to get a capture of the Heartbleed attack in action.
Hello CloudShark fans! As you may have heard, a serious vulnerability in OpenSSL was recently uncovered. OpenSSL is a popular open-source cryptography platform used around the world. Known popularly as the Heartbleed Bug, this new vulnerability impacts a large number of servers and services and has the ability to expose a wide range of sensitive system information to nefarious individuals. CloudShark runs on CentOS or RedHat Enterprise Linux (RHEL) 6. Recent versions of these distributions shipped with a version of OpenSSL containing the Heartbleed Bug.
This month we thought we’d revisit one of CloudShark’s most unique features: SSL stream viewing and rsa key management. What do you do when you have certificates that you need to distribute to your team to look at encrypted data? How do you troubleshoot encrypted network traffic without having to give users access to your keys on their local machines? CloudShark contains a unique key management system in addition to its packet capture repository.
CloudShark’s three key features - organizing, analyzing, and collaborating - all have their own ways of making packet capture analysis easier. In particular, organizing captures in a repository that can be tagged, sorted, and tracked can be made even more potent when you use it to centralize captures automatically from a variety of sources. Here’s three things you can do to build a packet capture network that pulls in captures from multiple locations: Building remote packet capture The CloudShark API upload function lets users push files to CloudShark using nearly any tool.