Datasets
Open Access
CRAWDAD tools/analyze/pcap/WScout (v. 2007-09-25)
- Citation Author(s):
- Submitted by:
- CRAWDAD Team
- Last updated:
- Fri, 11/16/2007 - 08:00
- DOI:
- 10.15783/C7V01S
- Data Format:
- License:
- Collection:
- CRAWDAD
- Categories:
- Keywords:
Abstract
WScout, lightweight PCAP file visualizer.
WScout provides a PCAP traces visualizer that is able to work with huge traces (>10 GiB). Its goals are speed and low memory requirements. Despite its design being protocol-agnostic, it currently handles only Prism and IEEE 802.11 headers, hence its name.
Lastmodified :
2007-11-16
Dataname :
tools/analyze/pcap/WScout
File :
wscout-1.1.tar.gz
Releasedate :
2007-09-25
Equiversion :
v1.1
Change :
* WScout 1.1 is released! - Middle clicking when the window system's clipboard has numerical content now go to the corresponding frame (e.g. Copying "42" into the clipboard then middle clicking inside WScout goes to packet #42). As a side effect, only left clicks select packets (middle clicks used to select packets before). - Duplicating windows does not re-build file indexes anymore. This allows significant performance improvements on window duplication. - Bugfix: opening an empty trace does not result in a failed assertion. - The default filtering command becomes sh -c "tshark -q -i- < '%1' -w '%2' -R '%3'" So tshark will not complain when asked to filter big (> 2GiB) files. But of course, this implies your system must provide `sh'. Although no big deal with UNIX systems (GNU/Linux, BSD, Mac OS X) I do not know what this will give with MS Windows... - The filter dialog is no more a modal window.
References :
The WScout website
Website :
http://wscout.lip6.fr
Keyword :
802.11 802.11 frames packet trace tcpdump
License :
Copyright© 2007 Université Pierre et Marie Curi- Paris 6 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. See the GNU General Public License for more details.
Support :
1. We are not aware of any bug in WScout. That is why reporting unknown bugs to the package's maintainers (thomas.claveirole@lip6.fr) is so important! :-D 2. If you have found a bug, please Report it to the package's maintainers (thomas.claveirole@lip6.fr). 3. If you would really love having feature X implemented, then, implement it! ;-) More seriously, unless this is a ridiculously simple feature to implement, this is unlikely we will do it for you. But giving feedback to the package's maintainers (thomas.claveirole@lip6.fr) about the features you want is important. So we know if important features are missing. 3. If you want to contribute to WScout and implement some features, have a look at doc/HACKING. Again, contact the package's maintainers (thomas.claveirole@lip6.fr) so they can help you implement new features. 4. If you have any question, please email the package's maintainers (thomas.claveirole@lip6.fr).
Build :
1. What are WScout's requirements? WScout needs: - A standard compliant C++ compiler. WScout's developers use GCC. - GNU make. Or any other make that supports pattern rules using '%'. - The Boost C++ libraries (http://www.boost.org/). More specifically: date_time, foreach, format, conversion/lexical_cast, optional, smart_ptr, tokenizer. - Trolltech's Qt library (http://trolltech.com/products/qt/), at least version 4.3. You will also need some tools provided with this library: the Meta-Object Compiler (moc) and the Resource Compiler (rcc). On some systems (e.g. Debian GNU/Linux) they are provided in separate packages. 2. How do I install WScout? WScout's packaging follows the GNU conventions. An installation documentation is provided in the INSTALL file in the package's root directory. However, with a standard system, the following commands should do the trick: --- mkdir _build cd _build ../configure make make install make check --- On some systems, you might have to customize the configure script's invocation. E.g. --- mkdir _build cd _build ../configure CPPFLAGS=-I/usr/include/qt4 make make install make check --- 3. Why does WScout's configure check for the libpcap and GMP? Actually WScout's configure does not check that. But WScout might embed a package called trace-tools, which configure script check for libpcap and GMP. However, these are optionals, and the build should be fine despite you might be missing these packages. 4. configure complains it did not find library X? Either library X is not installed on your system, either your system is not properly configured, so the library cannot be found. You may use the CPPFLAGS and LDFLAGS variables to correct this behavior. E.g., run --- ./configure CPPFLAGS=-I/custom/path/include/qt4 LDFLAGS=-L/custom/path/lib --- As an example, on my system (Debian GNU/Linux), I invoke --- ./configure CPPFLAGS=-I/usr/include/qt4 --- 5. configure complains it found library X's headers, but is unable to link? Most probably library X is installed but its binaries are in a non-standard place. Use the LDFLAGS variable as described previously. 6. configure complains library X's headers are unusable, despite successful linking? Most probably library X is installed but its headers are in a non-standard place. Use the CPPFLAGS variable as described previously.
Output :
Please see sample screenshots at http://wscout.lip6.fr/overview.html
Usage :
Basically, WScout provides a multiple tabbed window to visualize PCAP traces. WScout is able to open very large files. These might take a few dozen seconds to load, but WScout will not demand much CPU and memory resources. WScout is also able to handle PCAP traces with no Prism header. You may process your traces with external programs in order to filter them. Finally, WScout also enables browsing using multiple windows.
Example :
Please see sample screenshots at http://wscout.lip6.fr/overview.html
The files in this directory are a CRAWDAD toolset hosted by IEEE DataPort. About CRAWDAD: the Community Resource for Archiving Wireless Data At Dartmouth is a data resource for the research community interested in wireless networks and mobile computing. CRAWDAD was founded at Dartmouth College in 2004, led by Tristan Henderson, David Kotz, and Chris McDonald. CRAWDAD toolsets are hosted by IEEE DataPort as of November 2022. Note: Please use the tools in an ethical and responsible way with the aim of doing no harm to any person or entity for the benefit of society at large. Please respect the privacy of any human subjects whose wireless-network activity is captured by the tools and comply with all applicable laws, including without limitation such applicable laws pertaining to the protection of personal information, security of data, and data breaches. Please do not apply, adapt or develop algorithms for the extraction of the true identity of users and other information of a personal nature, which might constitute personally identifiable information or protected health information under any such applicable laws. Do not publish or otherwise disclose to any other person or entity any information that constitutes personally identifiable information or protected health information under any such applicable laws derived from the tools through manual or automated techniques. Please acknowledge the source of the tools in any publications or presentations reporting use of this tools. Citation:
Thomas Claveirole, Marcelo Dias de Amorim, CRAWDAD toolset tools/analyze/pcap/WScout (v. 2007‑09‑25), https://doi.org/10.15783/C7V01S, Sep 2007.
Dataset Files
- wscout-1.1.tar.gz (1.16 MB)
Open Access dataset files are accessible to all logged in users. Don't have a login? Create a free IEEE account. IEEE Membership is not required.
Documentation
Attachment | Size |
---|---|
tools-analyze-pcap-WScout-20070925-readme.txt | 1.63 KB |
These datasets are part of Community Resource for Archiving Wireless Data (CRAWDAD). CRAWDAD began in 2004 at Dartmouth College as a place to share wireless network data with the research community. Its purpose was to enable access to data from real networks and real mobile users at a time when collecting such data was challenging and expensive. The archive has continued to grow since its inception, and starting in summer 2022 is being housed on IEEE DataPort.
Questions about CRAWDAD? See our CRAWDAD FAQ. Interested in submitting your dataset to the CRAWDAD collection? Get started, by submitting an Open Access Dataset.