PF_RING is a Linux kernel module and user-space framework that allows you to process packets at high-rates while providing you a consistent API for packet processing applications.

PF_RING is a type of network socket that improves the packet capture speed, and that’s characterised by the following properties:

  1. Available for Linux kernels 2.6.32 and newer.
  2. No need to patch the kernel: just load the kernel module.
  3. 10 Gbit Hardware Packet Filtering using commodity network adapters
  4. User-space ZC (new generation DNA, Direct NIC Access) drivers for extreme packet capture/transmission speed as the NIC NPU (Network Process Unit) is pushing/getting packets to/from userland without any kernel intervention. Using the 10Gbit ZC driver you can send/received at wire-speed at any packet sizes.
  5. PF_RING ZC library for distributing packets in zero-copy across threads, applications, Virtual Machines.
  6. Device driver independent.
  7. Support of Accolade, Exablaze, Endace, Fiberblaze, Inveatech, Mellanox, Myricom/CSPI, Napatech, Netcope and Intel (ZC) network adapters.
  8. Kernel-based packet capture and sampling.
  9. Libpcap support (see below) for seamless integration with existing pcap-based applications.
  10. Ability to specify hundred of header filters in addition to BPF.
  11. Content inspection, so that only packets matching the payload filter are passed.
  12. PF_RING™ plugins for advanced packet parsing and content filtering.

If you want to know about PF_RING visit the Documentation section.

Download Links

This article was published on Hack Hex website, under Tools section, written by Dawood Khan. Share & leave us some comments on what you think about this topic or if you like to add something.

Tags: Analysis, brute force tools, Capture, Computer Security, ethical hacking, Filtering, HighSpeed, linux security testing, malware analysis tools, Packet, password brute force, Penetration Testing, penetration testing distribution, penetration testing linux, pentest android, pentest linux, pentest toolkit, pentest tools, PFRING, security tool kit, spy tool kit, spyware, web application testing tools, web malware detection,