network sniffing?
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: network sniffing?

  1. #1
    Senior Member
    Join Date
    Apr 2002
    Posts
    214

    network sniffing?

    I have a question about sniffing. I know you are able so see what goes in and out of a nic on a specific, but with a sniffer program, can you see everything going across the whole LAN?

    -Mike

  2. #2
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    on a lan connected with a hub, all packets are seen by all network interfaces. The packets are discarded or passed up the line based initially on the destination MAC address, and then IP address. (Switches have the ability to filter traffic so that each interface only sees traffic directed for it specifically, so if you are on a switched LAN, you may not be able to see all that other traffic.)

    So, what a packet sniffer can do is put the network interface into promiscuos mode, meaning, telling the TCP/IP stack to pass all traffic to that application(the packet sniffer) instead of discarding the traffic which is not meant specifically for that network interface. Some packet sniffers however dont have this cability, though most do.


  3. #3
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    There is a long explanation for this and 123(IchNiSan) hit the nail on the head. But even if you have a switched network you could conceivably sniff all of the traffic depending on how it is set up.

    Is there a more specific question, maybe? I could write an entire book on the procedures, but if you are looking for something specific it sure would help narrow the possibilties down a bit....
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  4. #4
    Senior Member
    Join Date
    Apr 2002
    Posts
    214
    I'm kinda of a newbie to networking, but I have a router, so does that mean if I got the right packet sniffer and put it into promiscuos mode, I can seeeverything? Is there a good packet sniffer that you could recommend?

    -Mike

  5. #5
    Junior Member
    Join Date
    Nov 2001
    Posts
    7
    Ethereal is great for windows, I am not sure what the site is. I'd like to get it for linux, but I'm having dependence problems, anyone know where i can get libcrypto.so.2? I belive it is part of ssl. I tried to get an ssl package, but it would have messsed up lots of files that were depended on.

  6. #6
    Senior Member
    Join Date
    Nov 2001
    Posts
    257
    Ethereal is great for windows, I am not sure what the site is. I'd like to get it for linux, but I'm having dependence problems, anyone know where i can get libcrypto.so.2? I belive it is part of ssl. I tried to get an ssl package, but it would have messsed up lots of files that were depended on.
    libcrypto is part of ssl, and is installed by default on recent versions of redhat, mandrake and suse, I imagine others I havent worked with as well.

    I ran into this same problem installing ethereal on my redhat machine, it was looking for an older version of libcrypto than I had which messed it up. Of course I figured out that ethereal is included on the redhat CD's, and I used their little installer thing and it worked fine.
    -Shkuey
    Living life one line of error free code at a time.

  7. #7
    Junior Member
    Join Date
    Nov 2001
    Posts
    7
    Shkuey: I have RHL 7.1, but the free (downloaded) version. I am updating to RHL 7.3, will that have libcrypto? I found a package w/ it, but like I said, it had tons of dep. problems.

  8. #8
    Member
    Join Date
    Mar 2002
    Posts
    38
    The Power Of Your Imagination:

  9. #9
    Senior Member
    Join Date
    Apr 2002
    Posts
    214
    is rhl a command-line o/s? because i know that some other versions/creators of linux had a screen shot on their webpage, and it looked similar to windows.

    -Mike

  10. #10
    str34m3r
    Guest
    Um... RedHat isn't "a command line o/s", but it does have a command line interface. Any linux distribution can be a command line o/s if you just don't install Xwindows. The pictures you saw were probably either KDE or Gnome, which are the two most popular forms of Xwindows.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •