August 6th, 2004, 09:44 PM
Sniffing Individual PCs
Are there any network analyzers that will let you sniff to individual IPs or PCs?
August 6th, 2004, 09:46 PM
Yes, look for filtering options in the sniffer you are using. I know Ethereal has them.
August 6th, 2004, 09:47 PM
Sh*t Irongeek, you beat me.....
August 6th, 2004, 10:05 PM
For additional reference some of the Ethereal filter commands are as follows:-
To get all traffic to/from a host:-
To get all traffic a host initiates:- (it will capture both sides of the conversation).
src host xxx.xxx.xxx.xxx
To get all traffic a host receives from another initiating host:- (it will capture both sides of the conversation).
dst host xxx.xxx.xxx.xxx
To get all traffic to a host on a given port:-
host xxx.xxx.xxx.xxx && port xx
You can combine src and dst host with port
Negate something by prodeeding it with "!"
ie: To capture all traffic to/from a host except that on port 3389 the filter looks like this:-
host xxx.xxx.xxx.xxx && !port 3389
Hope this helps.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
August 6th, 2004, 10:19 PM
IronGeek, DJM, Tiger Shark,
Thanks for your help
August 7th, 2004, 01:49 PM
Sex is like \"Social Security\". You get a little each month, but it\'s not enough to live on.