Re: SNOOP

Adam on Wed, 28 Oct 1998 15:45:35 -0500 (EST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: SNOOP

From: Adam <adam@looney.com>

To: "LeRoy D. Cressy" <ldc@netaxs.com>

Subject: Re: SNOOP

Date: Wed, 28 Oct 1998 15:40:55 -0800

Cc: "PLUG@lists.nothinbut.net" <PLUG@lists.nothinbut.net>

Yep. Sniffit does the trick. I had that installed. Also, someone pointed out "smurflog" which I am trying now... Thanks everyone... Adam "LeRoy D. Cressy" wrote: > Adam wrote: > > > > Is there a snoop like package for linux? > > I want to say capture packets from the spoofed address only, so I can > > look at them and see if any of the routing info will help me trace our > > smurfer. > > Adam > > Hi Adam, > > I think that these are what you might be looking for: > > ttysnoop and sniffit. both of these are offered with the Debian > distribution. > > ttysnoop: > > new debian package, version 2.0. > size 12676 bytes: control archive= 762 bytes. > 14 bytes, 1 lines conffiles > 395 bytes, 10 lines control > 533 bytes, 9 lines md5sums > Package: ttysnoop > Version: 0.12c-6 > Architecture: i386 > Depends: libc6 > Installed-Size: 42 > Maintainer: Paul Haggart <phaggart@debian.org> > Description: TTY Snoop - allows you to spy on telnet+serial connections > TTYSnoop allows you to snoop on login tty's through another tty-device > or > pseudo-tty. The snoop-tty becomes a 'clone' of the original tty, > redirecting both input and output from/to it. > > snittit: > > new debian package, version 2.0. > size 39908 bytes: control archive= 773 bytes. > 451 bytes, 12 lines control > 548 bytes, 9 lines md5sums > Package: sniffit > Version: 0.3.5-3 > Architecture: i386 > Depends: libc6, libpcap0 (>= 0.4-1), ncurses3.4 > Installed-Size: 77 > Maintainer: Damjan Marion <dmarion@debian.org> > Description: packet sniffer and monitoring tool > sniffit is a packet sniffer for TCP/UDP/ICMP packets. > sniffit is able to give you very detailed technical info > on these packets (SEC, ACK, TTL, Window, ...) but also > packet contence in different formats (hex or plain text, > etc. ). > > Also you can check the following: > http://rootshell.com/beta/documentation.html > http://www.replay.com/rootshell/ (Lot of sniffer source code) > > Hope that this helps > -- > 0 0 L & R Associates > " Home Page: http://www.netaxs.com/~ldc/ > _______ooO ~ Ooo_______________________________________________ > > LeRoy D. Cressy /\_/\ ldc@netaxs.com > Computer Consulting ( o.o ) Phone (215) 535-4037 > > ^ < Fax (215) 535-4285 -- Adam ____________________ ++ATH0 /-\ |\ /-\ (\/)

References:

SNOOP
From: Adam <adam@looney.com>

Re: SNOOP
From: "LeRoy D. Cressy" <ldc@netaxs.com>

Prev by Date: Re: SNOOP

Next by Date: Re: sorry...

Previous by thread: Re: SNOOP

Next by thread: November PLUG Meeting Announcement

Index(es):

Date

Thread