##########################################################################################

       PAS-17: Configuration Option for Passive Only Checks

##########################################################################################


Issue Type: New Feature 
-----------------------------------------------------------------------------------------

Issue Information
====================

Priority: Major					Status:      Closed
Resolution:  Done (2015-11-27 13:12:20)
Project: PCAP Analysis Script (PAS)


Reported By: btasker					
Assigned To: btasker

Components: 
	- Configuration Options 

Affected Versions:		
	- 0.1  			


Targeted for fix in version: 
	- 0.1


Time Estimate: 25 minutes
Time Logged:   5 minutes


-----------------------------------------------------------------------------------------

Issue Description
==================

The script is almost entirely passive, but does do reverse lookups on observed IPs. 

It would be possible to generate traffic from a "canary" ip if the block was delegated to
your name server. If a PTR request is received for that IP then someone is taking an
interest in your traffic.

So should introduce a config option to allow the script to be limited to truly passive
analysis


-----------------------------------------------------------------------------------------

Activity
==========

	
-----------------------------------------------------------------------------------------
2015-11-27 12:49:25              btasker
-----------------------------------------------------------------------------------------

Have added a new configuration option for *config.sh* - PASSIVE_ONLY

Where is has a non-zero value, only truly passive checks will be run. At the moment that
simply means the PTR's on associated IP's won't happen, but obviously in the future there
may be more to it than that.
	
-----------------------------------------------------------------------------------------
2015-11-27 12:49:48              git
-----------------------------------------------------------------------------------------


-- BEGIN QUOTE --


Repo: PCAPAnalyseandReport
Commit: ff51a1bb4aaf5b266c5f05cc9fcc88dd6b98f5f0
Author: Ben Tasker <github@<Domain Hidden>>

Date: Fri Nov 27 12:48:12 2015 +0000
Commit Message: Added PASSIVE_ONLY configuration option. See PAS-17



Modified (-)(+)
-------
Docs/OverridingConfiguration.md
PCAP_Analysis.sh



-- END QUOTE --

*Webhook User-Agent*


-- BEGIN SNIPPET --

GitHub-Hookshot/333881f
 -- END SNIPPET --

https://github.com/bentasker/PCAPAnalyseandReport/commit/ff51a1bb4aaf5b266c5f05cc9fcc88dd6b98f5f0


	
-----------------------------------------------------------------------------------------
2015-11-27 12:49:49              
-----------------------------------------------------------------------------------------

btasker changed timespent from '0 minutes' to '5 minutes'
	
-----------------------------------------------------------------------------------------
2015-11-27 12:49:58              
-----------------------------------------------------------------------------------------

btasker changed status from 'Open' to 'Resolved'
	
-----------------------------------------------------------------------------------------
2015-11-27 12:49:58              
-----------------------------------------------------------------------------------------

btasker added 'Done' to resolution
	
-----------------------------------------------------------------------------------------
2015-11-27 12:50:04              
-----------------------------------------------------------------------------------------

btasker changed status from 'Resolved' to 'Closed'
	
-----------------------------------------------------------------------------------------
2015-11-27 13:12:03              btasker
-----------------------------------------------------------------------------------------

Re-opening to assign a component
	
-----------------------------------------------------------------------------------------
2015-11-27 13:12:03              
-----------------------------------------------------------------------------------------

btasker removed 'Done' from resolution
	
-----------------------------------------------------------------------------------------
2015-11-27 13:12:03              
-----------------------------------------------------------------------------------------

btasker changed status from 'Closed' to 'Reopened'
	
-----------------------------------------------------------------------------------------
2015-11-27 13:12:20              
-----------------------------------------------------------------------------------------

btasker changed status from 'Reopened' to 'Resolved'
	
-----------------------------------------------------------------------------------------
2015-11-27 13:12:20              
-----------------------------------------------------------------------------------------

btasker added 'Done' to resolution
	
-----------------------------------------------------------------------------------------
2015-11-27 13:12:26              
-----------------------------------------------------------------------------------------

btasker changed status from 'Resolved' to 'Closed'


-----------------------------------------------------------------------------------------

Worklog
========

 
-----------------------------------------------------------------------------------------
2015-11-27 12:49:49              btasker

5 minutes
-----------------------------------------------------------------------------------------

Implementing and documenting