Xplico is a network forensics analysis tool (NFAT), which is a software that reconstructs the contents of acquisitions performed with a packet sniffer. Xplico aims to extract Internet traffic from existing application data. It should be noted that pcap, Xplico extracts every email (POP, IMAP and SMTP protocols), all HTTP content, every VoIP (SIP) call, FTP, TFTP and so on. In this tutorial, we are going to introduce you to Tutorial Install Xplico on Ubuntu 20.04. You can also check out the packages available in Eldernode to purchase the Ubuntu VPS server.
How to Install Xplico on Ubuntu 20.04
Xplico is releasing under the GNU General Public License. Protocols supported in this software include HTTP, SIP, IMAP, POP, SMTP, TCP, UDP, IPv6. It should be note that in each data collected by Xplico, there is an associated XML file that uniquely identifies streams and pcaps containing the collected data. The ability to create any type of distributor to easily organize the extracted data in the most convenient and useful case for you is an important feature of Xplico. Other features of Xplico include:
– Port Independent Protocol Identification (PIPI) for each application protocol.
– Multithreading.
– Output data and information in SQLite database or Mysql database and/or files.
– Each data reassembled by Xplico is associated with a XML file that uniquely identifies the flows and the pcap containing the data reassembled.
– Realtime elaboration (depends on the number of flows, the types of protocols, and by the performance of computer RAM, CPU, HD access time).
– TCP reassembly with ACK verification for any packet or soft ACK verification.
– Reverse DNS lookup from DNS packages contained in the inputs files (pcap), not from the external DNS server.
– No size limit on data entry or the number of files entrance (the only limit is HD size).
– IPv4 and IPv6 support.
– Modularity.
In the continuation of this tutorial, join us to learn how to install Xplico on Ubuntu 20.04.
Install Xplico on Ubuntu 20.04 | Ubuntu 18.04
To start installing Xplico on Ubuntu 20.04, you must first enter the following command:
sudo bash -c 'echo "deb http://repo.xplico.org/ $(lsb_release -s -c) main" >> /etc/apt/sources.list'Then in the next step you must use the following command to continue the installation:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 791C25CENow you need to update the system to apply the changes made using the command:
sudo apt-get updateFinally you need to install xplico using the following command:
sudo apt-get install xplicoConclusion
Xplico is a Network Forensic Analysis Tool (NFAT). This software reconstructs the contents of the acquisitions made with the packaging liquid. It is interesting to note that Xplico was born with the goal of restoring protocol application data. Xplico can detect protocols using a technique called Port Independent Protocol Identification. In this article, we tried to introduce you to the Tutorial Install Xplico on Ubuntu 20.04.
