OUR SOFTWARE

Package Details

C5 SIGMA

C5 SIGMA takes network packet capture data as input and produces a structured relational database that can be used for analysis and reporting using SQL queries.

Licence

Copyright © Command Five Pty Ltd 2011. All rights reserved.

C5 SIGMA is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

C5 SIGMA is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

Description

C5 SIGMA takes network packet capture (pcap) data as input and produces a structured relational database that can be used for analysis and reporting using SQL queries.

This software automates TShark (a component of the free network protocol analysis tool Wireshark) to produce structured XML metadata about the packets within a collection of pcap files. The metadata is then stored in a relational database using a database schema automatically derived from the XML. An analyst can then use SQL queries to determine network statistics, conduct intrusion analysis, and correlate data across the entire dataset. Alternatively, the database can be accessed by reporting and visual analysis tools (such as Crystal Reports or Palantir) to provide automated reports on activity of interest.

C5 SIGMA can be run either as a standalone tool or as part of a larger automated system. All protocols visible to Wireshark (including custom extensions) are supported without modification.

Both MySQL and SQL Server database engines are supported. SQL Server is recommended for better performance.
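The pipeline described above (XML packet metadata, a schema derived from that XML, then SQL correlation) can be sketched as follows. This is an added example, not C5 SIGMA's own code. It assumes PDML-style XML as produced by `tshark -T pdml`, a one-table-per-protocol layout, and SQLite in place of MySQL or SQL Server; the sample data and the names `ident`, `load`, `sources_to_port` and `demo_db` are hypothetical.

```python
import re
import sqlite3
import xml.etree.ElementTree as ET
# Constructed sample in the PDML shape that `tshark -T pdml` emits (fields trimmed).
SAMPLE_PDML = """<pdml>
<packet><proto name="ip"><field name="ip.src" show="10.0.0.5"/><field name="ip.dst" show="10.0.0.9"/></proto>
<proto name="tcp"><field name="tcp.dstport" show="445"/></proto></packet>
<packet><proto name="ip"><field name="ip.src" show="10.0.0.5"/><field name="ip.dst" show="10.0.0.10"/></proto>
<proto name="tcp"><field name="tcp.dstport" show="445"/></proto></packet>
<packet><proto name="ip"><field name="ip.src" show="10.0.0.7"/><field name="ip.dst" show="10.0.0.9"/></proto>
<proto name="tcp"><field name="tcp.dstport" show="443"/></proto></packet>
<packet><proto name="ip"><field name="ip.src" show="10.0.0.7"/><field name="ip.dst" show="10.0.0.9"/></proto>
<proto name="tcp"><field name="tcp.dstport" show="445"/><field name="tcp.flags" show="0x0002"/></proto></packet>
</pdml>"""

SAFE_NAME = re.compile(r"^[A-Za-z][A-Za-z0-9_.]*$")

def ident(name):
    """Allowlist a name taken from the XML and return it as a quoted SQL identifier."""
    if not name or not SAFE_NAME.match(name):
        raise ValueError(f"unsafe identifier from XML: {name!r}")
    return '"' + name.replace(".", "_") + '"'

def load(pdml_text, db):
    """Hypothetical loader: one table per <proto>, one column per <field> (last repeat wins)."""
    known = {}  # table -> columns created so far
    for packet_id, packet in enumerate(ET.fromstring(pdml_text).iter("packet"), 1):
        for proto in packet.iter("proto"):
            table = ident(proto.get("name"))
            row = {ident(f.get("name")): f.get("show") for f in proto.iter("field") if f.get("name")}
            db.execute(f"CREATE TABLE IF NOT EXISTS {table} (packet_id INTEGER)")
            seen = known.setdefault(table, set())
            for col in sorted(row.keys() - seen):
                db.execute(f"ALTER TABLE {table} ADD COLUMN {col} TEXT")
                seen.add(col)
            cols = ", ".join(["packet_id", *row])
            marks = ", ".join("?" * (len(row) + 1))
            # Identifiers are allowlisted above; captured values are always bound parameters.
            db.execute(f"INSERT INTO {table} ({cols}) VALUES ({marks})", [packet_id, *row.values()])
    return db

def sources_to_port(db, port):
    """Correlate the ip and tcp tables: packets per source address sent to one TCP port."""
    return db.execute(
        'SELECT i."ip_src", COUNT(*) FROM "ip" i JOIN "tcp" t ON t.packet_id = i.packet_id '
        'WHERE t."tcp_dstport" = ? GROUP BY i."ip_src" ORDER BY 2 DESC, 1', [str(port)]).fetchall()

def demo_db():
    return load(SAMPLE_PDML, sqlite3.connect(":memory:"))
```

Because table and column names come from the XML, they cannot be bound as query parameters, so the sketch rejects any name outside a strict allowlist before building DDL, while every captured value is passed as a bound parameter.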

Download Files

Version 1.1.0.0 (Current)

Windows Binaries

SHA1: 3b50cd0b718116fc6e4a79b11bfe7bd702f81c65

Source Code

SHA1: f618ed526220b607a2769f55c15270663586dd7e

Version 1.0.0.0

Windows Binaries

SHA1: f08f65718600fbe30141f16b7fc83c486422d652

Source Code

SHA1: 7a617b9add82af11f36d0fa61436ae5806c54099