October 17th, 2001 06:46 AM
TCP/IP: Any good sniffers out there?
I was wanting to know if there were any good network sniffers. I finally got my old 486, which has Linux on it, to network with my newer computer and I was hoping to try something out. And also to see how XP Pro stands up to beatings.
So if anyone knows any good network sniffers, or any tool to help me test my network, it would be great to hear them.
I'm going to use the laptop to beat on it and it has Windows on it (I know, but Linux wasn't compatible with the modem), sucks.
October 17th, 2001 06:59 AM
You can install tcpdump or snort (which is mainly an IDS) or snoop (if it exists for Linux. I know it for Solaris) or ethereal ...
That's not the sniffing tools that miss most!
October 17th, 2001 07:28 AM
I would really recommend Ethereal, I've got it running on my Win98 box here, and it wasn't too hard to set up.
[HvC]Terr: L33T Technical Proficiency
October 17th, 2001 01:11 PM
You can use tcpdump or ethereal as mentioned above for your sniffers. As for testing your network, do you mean scanning it for open ports? If that's what you mean, you can get nessus from www.nessus.org.
You may want to install nmap and queso as well. nmap is an excellent port scanner and queso is used for identifying the remote OS. Nessus has a server/client model and has clients for both *nix and Windows. The server will run on your *nix box. It scans the remote box and also attempts to determine what servers are being run on what ports as well as any vulnerabilities in those services.
One other "sniffer" you may be interested in is p0f. It's a passive OS detector. It acts like a sniffer, but instead of saving the packets, it analyzes the packets to identify the OS that scanned you. You'll want to use the nmap or queso OS ID file, though, as the one that comes with it doesn't recognize Linux kernel 2.4 or Windows 2000 or above yet.
Hope this helps and Happy Hacking
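The passive OS identification described in the post above, sketched as an added example (not part of the original thread and not p0f's own code): it reads the fields of an incoming TCP SYN that differ between operating systems and compares them with a signature table. The signature string layout, the two table entries, the sample packets and the `build_syn` helper are constructed for illustration.

```python
import struct

# Constructed illustrative entries (window:initial TTL:DF:option order), not p0f's file.
SIGNATURES = {
    "5840:64:1:M,S,T,N,W": "Linux 2.4-like",
    "16384:128:1:M,N,N,S": "Windows 2000-like",
}
OPT_NAMES = {1: "N", 2: "M", 3: "W", 4: "S", 8: "T"}

def syn_signature(pkt: bytes) -> str:
    """Build a signature string from a raw IPv4 packet carrying a TCP SYN."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    df, ttl = (pkt[6] >> 6) & 1, pkt[8]          # Don't Fragment bit, observed TTL
    tcp = pkt[(pkt[0] & 0x0F) * 4:]
    if len(tcp) < 20 or tcp[13] & 0x12 != 0x02:  # need SYN set and ACK clear
        raise ValueError("not an initial SYN")
    window = struct.unpack("!H", tcp[14:16])[0]
    # Round the observed TTL up to the nearest common initial value.
    initial_ttl = next(v for v in (32, 64, 128, 255) if ttl <= v)
    opts, layout, i = tcp[20:(tcp[12] >> 4) * 4], [], 0
    while i < len(opts) and opts[i] != 0:        # kind 0 ends the option list
        kind = opts[i]
        # NOP is a single byte; every other option carries a length byte.
        length = 1 if kind == 1 else (opts[i + 1] if i + 1 < len(opts) else 0)
        if kind != 1 and length < 2:
            break                                # malformed option, stop parsing
        layout.append(OPT_NAMES.get(kind, "?"))
        i += length
    return f"{window}:{initial_ttl}:{df}:{','.join(layout)}"

def guess_os(pkt: bytes) -> str:
    return SIGNATURES.get(syn_signature(pkt), "unknown")

def build_syn(ttl: int, window: int, options: bytes) -> bytes:
    """Construct a sample SYN (checksums left zero; the parser ignores them)."""
    tcp_len = 20 + len(options)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, 1, 0x4000, ttl, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 1]))
    tcp = struct.pack("!HHLLBBHHH", 40000, 80, 1, 0, (tcp_len // 4) << 4, 2, window, 0, 0)
    return ip + tcp + options

# Constructed samples: observed TTLs sit a few hops below the initial value.
LINUX_SYN = build_syn(61, 5840, bytes.fromhex("020405b4" "0402" "080a0000000100000000" "01" "030300"))
WIN_SYN = build_syn(126, 16384, bytes.fromhex("020405b4" "0101" "0402"))
```

Because nothing is sent to the remote host, this kind of identification works on traffic you already receive, such as the SYNs of an inbound port scan.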
October 17th, 2001 03:50 PM
Ok, well, thanks for the help. Sorry Terr, Ethereal didn't work, it said I was missing a .dll file. But Nessus is working great, thanks for the help, it's sometimes hard to find the right tools to do the right job.
October 17th, 2001 05:47 PM
Uhm, those are more packet monitors rather than sniffers. A sniffer would give you the information in the packet. I wrote a sniffer that dumps information from the NIC. I can't post a link to it because that would be advertising my website, and I'm not allowed to do that. *eh, hum*. But the code is there if you can find it.
Jason Parker - http://www.o-negative.net
o-Negative: Information Network