
Moloch – Open-Source Large Scale Indexed Packet Capture and Search System

58 points | rosaliebee | 6 years ago | yahoodevelopers.tumblr.com | reply

28 comments

[+] hprotagonist|6 years ago|reply
I suppose Verizon is the right entity to choose to name something this, but really: What sphinx of cement and aluminum bashed open their skulls and ate up their brains and imagination?

Can we salt the earth after they're gone, too?

[+] rdtsc|6 years ago|reply
https://github.com/aol/moloch

Comes from AOL. So indeed an ancient and powerful god. The only caveat is to get it to do anything you have to possess a magic artifact - an original AOL free trial CD.

But in all seriousness I remember trying it out years ago and it worked pretty well. It ended up a bit too complex for what we needed, but I remember being impressed by it.

[+] jihadjihad|6 years ago|reply
[+] theonlyklas|6 years ago|reply
Yeah, what's up with this name? It puts me off immediately knowing of Moloch. Was everyone at Yahoo okay with this name as they worked on it? It seems so strange of a choice.
[+] warpech|6 years ago|reply
Maybe the name comes from Polish language, where lowercase "moloch" simply means something gigantic, especially a structure.
[+] thatfunkymunki|6 years ago|reply
I currently use this at work (DoD entity) as our full packet capture solution. Love it and am super happy with the features it has. Interestingly, it's an AOL product (or was? Last I checked). Wasn't aware those guys still do stuff.
[+] dguido|6 years ago|reply
Fun fact, Moloch's initial development was funded by DARPA Cyber Fast Track! Glad to hear it's working out for people in DOD.
[+] jjeaff|6 years ago|reply
I know someone who works for one of the older ISPs like AOL. They still have millions of dialup customers.

I believe AOL still has a few million still on dialup.

[+] badrabbit|6 years ago|reply
Just FYI, CuckooSandbox has good integration with this, which is nice when you want to find undiscovered badness in your environment that talks to similar network entities as your sandbox detonation.
[+] armitron|6 years ago|reply
I wouldn't want to run this solely based on the fact that they wrote a tremendous amount of parsers in C. Even worse, it also seems they wrote them by hand and didn't use a parser generator. This is really not what you should be doing in 2012-2019.
[+] iamwpj|6 years ago|reply
I ran this on our edge and was really impressed. It's a great product -- install and running can happen fast, results are good. Kudos!
[+] SiempreZeus|6 years ago|reply
I thought this is about Moloch DAO, the Ethereum-based group.
[+] emptysongglass|6 years ago|reply
I also thought this. Moloch is a very big deal in the Ethereum space.