Results 1 to 9 of 9

Thread: Packet Sniffers ... Again

  1. #1

    Packet Sniffers ... Again

    I hear a lot about these packet snifer things, but its a mystery for me how they work!

    i know they catch packets coming in and out of a computer but where must they be installed ?

    and heard about ethereal, can anyone please give me a link to download it and try it ?
    [gloworange][shadow]www.geocities.com/dia_byte0 [/shadow] [/gloworange]

    No To 1559 !

    Signature image is too tall!

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Uh... Google is really helpful for finding download links. Generally speaking, a packet sniffer would be installed on a computer with an Operating System. Your NIC would be made promisicuous (this is where libpcap/winpcap come in handy) so that it picks up ALL packets and not just packets for the machine.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    C'mon....

    You haven't even tried to find it........

    Google!!!!!!!!!! has 3.4 million hits for the word Ethereal...... If you look really hard it's in there somewhere!!!!!
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  4. #4
    OK OK OK

    excuse me for not using google, i just did and got the website of ethreal ...

    but MsMittens what did you mean by

    "so that it picks up ALL packets and not just packets for the machine."

    ???
    [gloworange][shadow]www.geocities.com/dia_byte0 [/shadow] [/gloworange]

    No To 1559 !

    Signature image is too tall!

  5. #5
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    Dia_Byte, try to read up on the TCP/IP protocol suite, so that you get a bit of basic knowledge about how messages are transmitted over a network. It’ll help you enormously to understand what is actually going on in a network. There are several tutorials on that subject in our tutorial forums. That's as good a place to start as any.

    Very, very (very very very) basically, your network is a kind of highway with driver-less cars on it. Each car has its destination printed on the side. Normally, your computer would look for cars that have your name on it, and swoops them from the highway. In promiscuous mode, your computer grabs ALL cars (or rather: copies the content from all cars). In that way, you can look at ALL the data that travels on your segment of the network: packet sniffing.
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  6. #6
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    well it is 3,420,000 hits TS. .

    fortunatly the very first 2 are all that are required


    But on Page 83 of the results I found this helpful link..

    http://www.oreillynet.com/pub/a/secu...erealtips.html
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  7. #7
    i think that i am eventually getting the idea ...

    but if packet sniffers are as Guus describes they would catch enormous amounts of packets right ???
    [gloworange][shadow]www.geocities.com/dia_byte0 [/shadow] [/gloworange]

    No To 1559 !

    Signature image is too tall!

  8. #8
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    To use the same idea: It depends on how busy the highway is
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  9. #9
    Usually, your local network segment isn't as busy as a router mirror or other main link. I have a sniffer watching a router mirror and grab logs of 30,000 packets every ten minutes. The packet grab usually takes about 30 to 60 seconds.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •