This toolkit provides comprehensive monitoring, analysis, and blocking capabilities for network telemetry sent by The Foundry's Nuke compositor on Linux.

Key features:

- Network monitoring scripts with automated alerts
- Multi-tier blocking methods (hosts, firewall, namespace, AppArmor)
- Detailed packet capture analysis and documentation
- EULA legal analysis and privacy assessment
- Sanitized example captures and comprehensive guides

All sensitive data (personal IPs, usernames, packet captures) removed. Ready for public sharing on Gitea.
# Example Packet Capture Placeholder

This is a text placeholder representing where actual `.pcap` files would be stored.

## Real Capture Command

```bash
sudo tcpdump -i any -w dump/nuke_foundry_capture.pcap \
  'host sentry.foundry.com or host learn.foundry.com or host api.honeycomb.io'
```

## Expected Contents

A real packet capture would contain:

- Ethernet/IP/TCP headers
- DNS queries for Foundry domains
- HTTP requests to learn.foundry.com (unencrypted)
- HTTPS handshakes and encrypted payloads to api.honeycomb.io and sentry.foundry.com
- Timing and packet size information

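A quick way to check a capture against the list above is to tally packets by traffic class. This is an added example, not code from this repository: `classify_pcap`, `sample_pcap` and the port-to-label mapping are assumptions made for illustration, and the sample capture is constructed inline.

```python
import struct
from collections import Counter

# Link-layer header sizes by pcap linktype. `tcpdump -i any` writes Linux
# cooked captures (SLL = 113, SLL2 = 276) rather than Ethernet (1).
LINK_HDR = {1: 14, 113: 16, 276: 20}
# Port-based labels: an assumption of this example, not a protocol decode.
LABELS = {53: "dns", 80: "http-cleartext", 443: "tls"}

def classify_pcap(data: bytes) -> Counter:
    """Count IPv4 TCP/UDP packets in a classic pcap file by traffic class."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("not a classic microsecond-resolution pcap file")
    linktype = struct.unpack(end + "I", data[20:24])[0]
    if linktype not in LINK_HDR:
        raise ValueError(f"unsupported linktype {linktype}")
    counts, off = Counter(), 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        pkt = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        ip = pkt[LINK_HDR[linktype]:]
        # IPv6, ARP and anything that is not TCP/UDP are counted as "other".
        if len(ip) < 20 or ip[0] >> 4 != 4 or ip[9] not in (6, 17):
            counts["other"] += 1
            continue
        ihl = (ip[0] & 0x0F) * 4
        if ihl < 20 or len(ip) < ihl + 4:
            counts["other"] += 1
            continue
        sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
        port = dport if dport in LABELS else sport
        counts[LABELS.get(port, "other")] += 1
    return counts

def sample_pcap(linktype: int = 113) -> bytes:
    """Constructed capture: one packet each to 53/udp, 80/tcp and 443/tcp."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)
    for proto, dport in ((17, 53), (6, 80), (6, 443)):
        ip = bytes([0x45, 0]) + struct.pack("!H", 24) + bytes(5) + bytes([proto]) + bytes(10)
        pkt = bytes(LINK_HDR[linktype]) + ip + struct.pack("!HH", 40000, dport)
        out += struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
    return out
```

For a real capture, pass the file's bytes: `classify_pcap(open("dump/nuke_foundry_capture.pcap", "rb").read())`.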
## Analysis Tools

```bash
# View packet summary
tcpdump -r dump/nuke_foundry_capture.pcap

# Extract HTTP requests
tcpdump -r dump/nuke_foundry_capture.pcap -A 'tcp port 80'

# Wireshark analysis
wireshark dump/nuke_foundry_capture.pcap
```

## Privacy Note

Actual `.pcap` files are NOT included in this repository for privacy reasons.
They are automatically ignored by `.gitignore`.