The speed and storage space available with commodity computers has grown to the point that it is feasible to capture every packet on Internet uplinks. You could buy some commercial products to capture and analyze this traffic, but are there other options? In this session we\'ll look at ways to build a packet capture monster with open source tools and commodity hardware. Then we will look at how capturing *everything* can be used to create a "Network Time Machine" where analysts can reconstruct network sessions and previous attacks. We will also run through a live analysis demo and hunt-down some unwanted visitors.