Linux Sniffer

Thread: Linux Sniffer

  1. #1
    Senior Member
    Join Date
    Aug 2001
    Posts
    117

    Linux Sniffer

    Hi all,

    Anyone have a sniffer they can recommend for Linux? Redhat preferably. Appreciate the feedback.

    Luck
    Luck--TSM
    Atlanta, GA


  2. #2
    Senior Member
    Join Date
    Aug 2001
    Posts
    503
    And you want a sniffer for what legitimate reason?

    I'd offer my dog, but she runs on Windows-K9... sorry.

    --PhirePhreak
    I know you're out there. I can feel you now. I know that you're afraid. You're afraid of us. You're afraid of change. I don't know the future. I didn't come here to tell you how this is going to end. I came here to tell you how it's going to begin. I'm going to hang up this phone, and then I'm going to show these people what you don't want them to see. I'm going to show them a world without you, a world without rules and controls, without borders or boundaries. A world where anything is possible. Where we go from there is a choice I leave to you.

  3. #3
    Senior Member
    Join Date
    Mar 2002
    Posts
    425
    tcpdump - should be on your redhat CDs (I believe it's on CD 1).

  4. #4
    Senior Member
    Join Date
    Aug 2001
    Posts
    117

    Sniffer - the dog?

    Yeah, this is for real business work. My company is trying to get to the bottom of a slow location. I think it's abuse by one of the workers. (In Brazil)

    We're looking into big brother as well.
    Luck--TSM
    Atlanta, GA


  5. #5
    Senior Member
    Join Date
    Sep 2001
    Posts
    429
    tcpdump & Ethereal will help you out.



    J.
    manually editing your config files can break them. If this happens, you get to keep both pieces.

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    I'd go for Ethereal; it's excellent. You can find the packets you're really interested in, and it disassembles them for you, separating the headers at various protocol levels, which makes it much faster to work out what's going wrong (assuming that's what you want it for).

  7. #7
    Senior Member
    Join Date
    Aug 2001
    Posts
    117

    Sniffers

    Thanks for the information. I was looking into etherpeek from wildpackets. I don't know how much it costs though.
    Luck--TSM
    Atlanta, GA


  8. #8
    Senior Member
    Join Date
    Jan 2002
    Posts
    115
    Ethereal would be my best recommendation.

  9. #9
    Senior Member
    Join Date
    Sep 2001
    Posts
    429

    Re: Sniffers

    Originally posted here by lucktsm
    Thanks for the information. I was looking into etherpeek from wildpackets. I don't know how much it costs though.
    Ethereal (& tcpdump) are free.
    get Ethereal from here


    J.
    manually editing your config files can break them. If this happens, you get to keep both pieces.

  10. #10
    Junior Member
    Join Date
    Jul 2001
    Posts
    2
    You can use snort in sniffer mode and pipe it through TCPview for detailed traffic logs on any port. This has worked well for monitoring an IRC server.
