Thread: Sniffers

  1. #1
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683

    Sniffers

    Does anyone have any good material on how to read captures taken? I'm starting to use Wireshark a lot, so it would be beneficial for me to learn how to read the captures correctly and possibly advanced techniques.

    Any help appreciated.

    Thanks!
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  2. #2
    Senior Member
    Join Date
    Apr 2005
    Location
    USA
    Posts
    422
    Different protocols have different structures. It really depends on the protocol you're trying to read. Wireshark does a lot of the work for you too. Is there something specific you're trying to analyze?

  3. #3
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Mostly HTTP/s TCP, UDP.

    A little cheat sheet would be nice for the search area when you are looking at a capture. Also, when a capture is found, what everything in there means. I know it's a little broad.

  4. #4
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    If you are trying to debug HTTP, I recommend Fiddler.
    I've used it for years. It was originally developed by Microsoft before being spun off.

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Wow, epic program. Will work great with HTTP/S.

    However, there is still UDP/TCP.

  6. #6
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    I recommend getting the books "TCP/IP Illustrated" Volume 1 to 3. But for your purpose volume 1 should do. Volume 2 is mostly about socket programming and volume 3 is more about SSL/TLS, HTTP and NTP.

    Besides a wealth of information about every bit used they're also great reference books. I regularly use them to verify things.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  7. #7
    Shadow Programmer mmelby's Avatar
    Join Date
    Jul 2002
    Location
    Ft. Myers, FL
    Posts
    291
    I don't know if you are looking for something this basic but this should give you a start...

    http://www.security-freak.net/raw-so...w-sockets.html
    Work... Some days it's just not worth chewing through the restraints...

  8. #8
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    This might give you a start too: http://www.tcpipguide.com/free/index.htm

  9. #9
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Thanks guys, will look into it.

    Has anyone done the online training with Offensive Security using BackTrack?

  10. #10
    Senior Member
    Join Date
    Jul 2002
    Posts
    744
    Not to be rude, but prots are easily recognized... Also, did you pay for Wireshark?
    Every now and then, one of you won't annoy me.
