-
November 19th, 2004, 11:43 AM
#1
Member
Packet Sniffers ... Again
I hear a lot about these packet snifer things, but its a mystery for me how they work!
i know they catch packets coming in and out of a computer but where must they be installed ?
and heard about ethereal, can anyone please give me a link to download it and try it ?
-
November 19th, 2004, 11:49 AM
#2
Uh... Google is really helpful for finding download links. Generally speaking, a packet sniffer would be installed on a computer with an Operating System. Your NIC would be made promisicuous (this is where libpcap/winpcap come in handy) so that it picks up ALL packets and not just packets for the machine.
-
November 19th, 2004, 11:50 AM
#3
C'mon....
You haven't even tried to find it........
Google!!!!!!!!!! has 3.4 million hits for the word Ethereal...... If you look really hard it's in there somewhere!!!!!
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
November 19th, 2004, 11:58 AM
#4
Member
OK OK OK
excuse me for not using google, i just did and got the website of ethreal ...
but MsMittens what did you mean by
"so that it picks up ALL packets and not just packets for the machine."
???
-
November 19th, 2004, 12:18 PM
#5
Dia_Byte, try to read up on the TCP/IP protocol suite, so that you get a bit of basic knowledge about how messages are transmitted over a network. It’ll help you enormously to understand what is actually going on in a network. There are several tutorials on that subject in our tutorial forums. That's as good a place to start as any.
Very, very (very very very) basically, your network is a kind of highway with driver-less cars on it. Each car has its destination printed on the side. Normally, your computer would look for cars that have your name on it, and swoops them from the highway. In promiscuous mode, your computer grabs ALL cars (or rather: copies the content from all cars). In that way, you can look at ALL the data that travels on your segment of the network: packet sniffing.
I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.
-
November 19th, 2004, 12:27 PM
#6
well it is 3,420,000 hits TS. .
fortunatly the very first 2 are all that are required
But on Page 83 of the results I found this helpful link..
http://www.oreillynet.com/pub/a/secu...erealtips.html
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
-
November 25th, 2004, 03:31 PM
#7
Member
i think that i am eventually getting the idea ...
but if packet sniffers are as Guus describes they would catch enormous amounts of packets right ???
-
November 25th, 2004, 03:43 PM
#8
To use the same idea: It depends on how busy the highway is
Oliver's Law:
Experience is something you don't get until just after you need it.
-
November 26th, 2004, 04:44 AM
#9
Usually, your local network segment isn't as busy as a router mirror or other main link. I have a sniffer watching a router mirror and grab logs of 30,000 packets every ten minutes. The packet grab usually takes about 30 to 60 seconds.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|