Adam wrote:
>
> Is there a snoop like package for linux?
> I want to say capture packets from the spoofed address only, so I can
> look at them and see if any of the routing info will help me trace our
> smurfer.
> Adam
Hi Adam,
I think that these are what you might be looking for:
ttysnoop and sniffit. Both of these are offered with the Debian
distribution.
ttysnoop:
new debian package, version 2.0.
size 12676 bytes: control archive= 762 bytes.
14 bytes, 1 lines conffiles
395 bytes, 10 lines control
533 bytes, 9 lines md5sums
Package: ttysnoop
Version: 0.12c-6
Architecture: i386
Depends: libc6
Installed-Size: 42
Maintainer: Paul Haggart <phaggart@debian.org>
Description: TTY Snoop - allows you to spy on telnet+serial connections
TTYSnoop allows you to snoop on login tty's through another tty-device or
pseudo-tty. The snoop-tty becomes a 'clone' of the original tty,
redirecting both input and output from/to it.
sniffit:
new debian package, version 2.0.
size 39908 bytes: control archive= 773 bytes.
451 bytes, 12 lines control
548 bytes, 9 lines md5sums
Package: sniffit
Version: 0.3.5-3
Architecture: i386
Depends: libc6, libpcap0 (>= 0.4-1), ncurses3.4
Installed-Size: 77
Maintainer: Damjan Marion <dmarion@debian.org>
Description: packet sniffer and monitoring tool
sniffit is a packet sniffer for TCP/UDP/ICMP packets.
sniffit is able to give you very detailed technical info
on these packets (SEC, ACK, TTL, Window, ...) but also
packet contence in different formats (hex or plain text,
etc. ).
Also you can check the following:
http://rootshell.com/beta/documentation.html
http://www.replay.com/rootshell/ (Lot of sniffer source code)
Hope that this helps
--
0 0 L & R Associates
" Home Page: http://www.netaxs.com/~ldc/
_______ooO ~ Ooo_______________________________________________
LeRoy D. Cressy /\_/\ ldc@netaxs.com
Computer Consulting ( o.o ) Phone (215) 535-4037
> ^ < Fax (215) 535-4285
- References:
- SNOOP
- From: Adam <adam@looney.com>