From: Richard Bartlett (richard HACKERIMMUNITY.COM)
Date: Fri Apr 13 2001 - 05:02:15 CDT
Kris,
(Taken from the NetworkICE website at
http://advice.networkice.com/advice/support/kb/q000016/default.htm)
---quote---
These files are stored in a standard "sniffer tracefile". These files can
only be analyzed by programs that network technicians use to analyze network
traffic. Your ISP and network consultants are likely to have these programs,
but they are expensive and hard to find on the net.
We've tested the files with the following products, though there are many
others that can analyze these files.
Microsoft Network Monitor
This is not available as a stand-alone product, but instead comes with
Windows NT Server and SMS. It only runs on Windows NT. A sample of the
output of this program is shown below.
Sniffer Network Analyzer
An older version runs on DOS, the latest version runs on Windows NT.
NetXRay for Windows
The free demo version (which runs on Win9x and WinNT) can analyze the first
5 frames in the file. See article q000057 for more information.
More information on this file and what to do with it can be found at
sniffing-faq.html
(http://www.robertgraham.com/pubs/sniffing-faq.html#software-windows)
---endquote---
I don't know of a way to get freeware sniffers like Ethereal or Analyzer to
read these files, but someone might know one.
Richard
Hacker Immunity Ltd
-----Original Message-----
From: Focus on Microsoft Mailing List [mailto:FOCUS-MS SECURITYFOCUS.COM] On Behalf Of Kristofer Magstadt
Sent: 11 April 2001 23:42
To: FOCUS-MS SECURITYFOCUS.COM
Subject: .enc files
Ok, I was attacked both with trojans and DoS'ed for 5 hours last night, and
one of my firewalls that I use (well, 1 of the 3), BlackICE, puts all its logs in
.enc format. Could someone tell me how or where to get a program to open that
file with?
thanks
kris