Sniffer functions help
Results 1 to 3 of 3

Thread: Sniffer functions help

  1. #1
    Junior Member
    Join Date
    Mar 2003

    Question Sniffer functions help

    Id like to know if a sniffer can get and save ALL the info sent by a server but not only the one this server sends to you,and if it can be done,how to? (i tryed with ethereal but got no conclusion...)

    ThAnK YoU FoR Ur TiMe

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Redondo Beach, CA
    Yes it can (and ethereal can as well). The best way is to ensure that your network card is in promicious mode (winpcap for windows and libpcap for linux will help with this). tcpdump (windump) are considered amongst the best, fastest sniffers out there. The best way to tell is when you see traffic being received or sent to an ip other than yours.

    However, keep in mind it will only pick up what's on the subnet you are on, behind a specific device like a router. (MsM goes into teaching mode: Routers do not pass broadcast packets.) So if you are behind a router, it will only pick up traffic in your household.

    One last thing, in some countries it is ILLEGAL to do sniffing (and collect passwords -- in Canada it is against the Criminal Code and can get you a nasty sentence of 5 years) and I can pretty guarantee that your ISP will not like you sniffing the network. They can find out as promicious cards tend to be noisy. Some things to keep in mind.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member
    Join Date
    Apr 2002
    I think a little:
    tcpdump -t src host ip_of_the_server
    would be sufficient for what you want.
    And in Ethereal, you simply have to parameter a filter.

    But if you speak about a server on Internet (which is not on you internal network), sniffing it will not be really useful.
    Life is boring. Play NetHack... --more--

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts