public void ReportPacketCapture(Packet packet, DateTime arrivalTime) { var ip = (PacketDotNet.IpPacket)packet.Extract(typeof(PacketDotNet.IpPacket)); //IpPacket ip = (IpPacket)packet.Extract(typeof(IpPacket)); TcpPacket tcp = (TcpPacket)packet.Extract(typeof(TcpPacket)); ASCIIEncoding format = new ASCIIEncoding(); string payloadAsText = format.GetString(packet.Bytes); payloadAsText = payloadAsText.ToLower(); //remove non readable characters //payloadAsText = Regex.Replace(payloadAsText, @"[^\u0000-\u007F]", string.Empty); payloadAsText = Regex.Replace(payloadAsText, "[^0-9a-zA-Z]+", string.Empty); if ((tcp != null) && (payloadAsText.Contains("ftp"))) { int x = 5; } if (payloadAsText.Length > 255) { payloadAsText = payloadAsText.Substring(0, 255); } if (tcp != null) { _sensorEventAgent.LogEvent(_sensorId, ip.DestinationAddress.ToString(), tcp.DestinationPort, ip.SourceAddress.ToString(), tcp.SourcePort, arrivalTime, payloadAsText); } }