-
September 20th, 2003, 05:10 AM
#1
TCP/IP & Packet Sniffer?
I just recently finished a book on TCP/IP and I was wondering if there's a tool out there for Windows that could read TCP packets and UDP packets and break them down and tell me the contents like flags, header info, types, raw data, and such. I'm guessing this would be a packet sniffer but I didn't know if there is one for Windows with functions such as these.
Also is there a tool to stop a TCP packet from sending ACK back to acknowledge the data has been received, change the data in the headers and such, then send it back on its way? Sorry if I sound incompetent but this is my first time dealing with TCP/IP and protocols. Any help would be appreciated.
P.S. If you know any other online books or tuts that are a bit more advanced on TCP/IP or related topics please tell me. Thanks. Oh and I have Cygwin if that helps for Linux command line programs.
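The header breakdown asked about above (addresses, ports, sequence numbers, flags, options, raw data), as an added example that is not part of the original thread: a small Python decoder for one IPv4 packet carrying TCP. The function names, addresses, ports and the sample packet are constructed for illustration, and checksums are not verified.

```python
import socket
import struct

TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]  # bit 0..7

def parse_ipv4_tcp(packet):
    """Decode one IPv4 packet carrying TCP (no Ethernet header in front)."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _id, _frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4            # IP header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or proto != 6:
        raise ValueError("not an IPv4/TCP packet")
    tcp = packet[ihl:min(total_len, len(packet))]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window, _tcsum, _urg = \
        struct.unpack("!HHIIHHHH", tcp[:20])
    data_off = (off_flags >> 12) * 4      # TCP header length incl. options
    if data_off < 20 or data_off > len(tcp):
        raise ValueError("bad TCP data offset")
    return {
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        "ttl": ttl, "sport": sport, "dport": dport,
        "seq": seq, "ack": ack, "window": window,
        "flags": [n for i, n in enumerate(TCP_FLAGS) if off_flags & (1 << i)],
        "options": tcp[20:data_off], "payload": tcp[data_off:],
    }

def build_sample():
    """Constructed sample packet; checksums are left at 0 and not verified."""
    payload = b"hello"
    # Data offset 6 (24-byte header: 20 fixed + 4 NOP option bytes), PSH|ACK set.
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1000, 2000,
                      (6 << 12) | 0x18, 8192, 0, 0) + b"\x01" * 4 + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.20"))
    return ip + tcp

if __name__ == "__main__":
    for field, value in parse_ipv4_tcp(build_sample()).items():
        print(f"{field:8} {value}")
```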
-
September 20th, 2003, 05:37 AM
#2
Hey Hey,
As far as packet sniffing goes, you're gonna wanna get http://www.ethereal.com/ .
To stop an ACK and send back a packet, I'm sure you could block the incoming packets with a firewall, and then use a packet builder to generate similar packets. Although someone else will be able to explain this better.
As far as books, check out anything out there. There is tons of good information. Learn the TCP Model and the OSI Model and how they relate. Stuff like that.
-
September 20th, 2003, 05:49 AM
#3
It's 106 miles to Chicago, we've got a full tank of gas, half a pack of cigarettes, it's dark and we're wearing sunglasses.
Hit it!
-
September 20th, 2003, 06:24 AM
#4
Junior Member
Another great alternative is ettercap. Great for ARP poisoning and sniffing of switched networks. And you don't need X to run it. Runs in CLI.
-
September 20th, 2003, 07:29 AM
#5
yeah seabass55, I like the ettercap GUI
if you like writing your own applications, I'd suggest downloading the pcap development lib(s)...
http://www.tcpdump.org/
yeah, I'm gonna need that by friday...
-
September 20th, 2003, 03:06 PM
#6
tcpdump is great, but he asked for a Windows solution. Go grab the winpcap libraries and windump. That is a great one to get your feet wet.
Snort would be a good one to play with too because once you get your feet wet with sniffing you can also tinker with its IDS capabilities.
"When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
"There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
"Mischief my ass, you are an unethical moron." - chsh
Blog of X
-
September 20th, 2003, 03:58 PM
#7
tcpdump is great, but he asked for a Windows solution. Go grab the winpcap libraries and windump. That is a great one to get your feet wet.
The Win32 port of tcpdump can be found at tcpdump.org as well as the winpcap lib.
http://www.tcpdump.org/wpcap.html
yeah, I'm gonna need that by friday...
-
September 20th, 2003, 04:08 PM
#8
Junior Member
I'm a newer, you are great, thanks.
-
September 20th, 2003, 04:57 PM
#9
Hey thanks for all the help. I was kinda looking into making my own in VB. I still need more knowledge in C/C++ to make it in that though. Thanks for your help though!
-
September 20th, 2003, 06:02 PM
#10
in VB... maybe not. but here is a nice class you can use with VB...
http://starkoff.hypermart.net/Files/nmfce114.zip
NMF Community Edition is a collection of COM classes for monitoring network traffic and decoding network protocols. All framework classes can be used from Microsoft C++, Visual Basic and VBScript programming environments.
yeah, I'm gonna need that by friday...