Outcoming packet sniffer on win2k

Thread: Outcoming packet sniffer on win2k

  1. #1
    Senior Member
    Join Date
    Feb 2003
    Posts
    118

    Question Outcoming packet sniffer on win2k

    Hi,

    I'm looking for a packet sniffer on win2k that can perform incoming and outgoing sniffing, but I can't find anything. All I can find are sniffers that do only incoming sniffing.

    Does anyone know of software that does outgoing sniffing?

  2. #2

  3. #3
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Try this one, I think it will do what you want.

    Cheers:
    DjM

  4. #4
    Top Gun Maverick811's Avatar
    Join Date
    Oct 2001
    Posts
    852
    Sevari gave you a link to about the best packet sniffer available for Windows. Ethereal should provide both incoming and outgoing packet information to you...
    - Maverick

  5. #5
    Senior Member
    Join Date
    Feb 2003
    Posts
    118
    Thank you, I'm going to try them.

  6. #6
    Senior Member
    Join Date
    Apr 2002
    Posts
    634
    You can also try WinDump, it's the Windows version of the well-known TCPdump. Ethereal is easier to use with its GUI but it tends to crash my box, that's why I prefer WinDump.

    KC
    Life is boring. Play NetHack... --more--

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    To the best of my knowledge Ethereal and WinDump rule, but they both require WinPcap, which is really no bother, but if DjM's link is as good as it looks it sure would simplify matters and save space on the HD.

    Thanks DjM, I'll try it tonight on one of my home boxen.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  8. #8
    Senior Member
    Join Date
    Dec 2002
    Posts
    110
    If you don't want to bother with libpcap, see the URL noted below. This is an advanced tool in comparison with Ethereal, which is GUI-driven and geared to the novice. http://www.nextgenss.com/software/ngssniff.html

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    OK, I'm running it now. It really is pretty cool. It doesn't give near the info that Ethereal gives but you don't always need all that. I like the resolve source/destination feature a lot. And for now I'm enjoying the "alarm". When packets are captured with filters in place this could really help discover what you're looking for.

    Thanks DjM, it's a keeper.

  10. #10
    Senior Member
    Join Date
    Sep 2001
    Posts
    144
    Actually I found a little tool... ngsniff ... from http://www.ngsec.com/ngresearch/ngtools/ no drivers, 1 file.. I use it at work a lot and have had a need for it at home as well...

    ngsniff --interface 0

    and it dumps to stdout... so

    ngsniff --interface 0 > dmp.txt

    and you get a log.. full packet information.. header and data...

    I like it at least.
