Adam on Wed, 28 Oct 1998 15:45:35 -0500 (EST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: SNOOP


Yep. Sniffit does the trick.  I had that installed.  Also, someone pointed
out "smurflog" which I am trying now...
Thanks everyone...
Adam

"LeRoy D. Cressy" wrote:

> Adam wrote:
> >
> > Is there a snoop like package for linux?
> > I want to say capture packets from the spoofed address only, so I can
> > look at them and see if any of the routing info will help me trace our
> > smurfer.
> > Adam
>
> Hi Adam,
>
> I think that these are what you might be looking for:
>
> ttysnoop and sniffit.  both of these are offered with the Debian
> distribution.
>
> ttysnoop:
>
>  new debian package, version 2.0.
>  size 12676 bytes: control archive= 762 bytes.
>       14 bytes,     1 lines      conffiles
>      395 bytes,    10 lines      control
>      533 bytes,     9 lines      md5sums
>  Package: ttysnoop
>  Version: 0.12c-6
>  Architecture: i386
>  Depends: libc6
>  Installed-Size: 42
>  Maintainer: Paul Haggart <phaggart@debian.org>
>  Description: TTY Snoop - allows you to spy on telnet+serial connections
>   TTYSnoop allows you to snoop on login tty's through another tty-device
> or
>   pseudo-tty. The snoop-tty becomes a 'clone' of the original tty,
>   redirecting both input and output from/to it.
>
> snittit:
>
>  new debian package, version 2.0.
>  size 39908 bytes: control archive= 773 bytes.
>      451 bytes,    12 lines      control
>      548 bytes,     9 lines      md5sums
>  Package: sniffit
>  Version: 0.3.5-3
>  Architecture: i386
>  Depends: libc6, libpcap0 (>= 0.4-1), ncurses3.4
>  Installed-Size: 77
>  Maintainer: Damjan Marion <dmarion@debian.org>
>  Description: packet sniffer and monitoring tool
>   sniffit is a packet sniffer for TCP/UDP/ICMP packets.
>   sniffit is able to give you very detailed technical info
>   on these packets (SEC, ACK, TTL, Window, ...) but also
>   packet contence in different formats (hex or plain text,
>   etc. ).
>
> Also you can check the following:
> http://rootshell.com/beta/documentation.html
> http://www.replay.com/rootshell/   (Lot of sniffer source code)
>
> Hope that this helps
> --
>           0 0      L & R Associates
>            "       Home Page:    http://www.netaxs.com/~ldc/
> _______ooO ~ Ooo_______________________________________________
>
> LeRoy D. Cressy          /\_/\          ldc@netaxs.com
> Computer Consulting     ( o.o )         Phone (215) 535-4037
>                          > ^ <          Fax   (215) 535-4285

--
Adam


____________________
++ATH0


/-\ |\ /-\ (\/)



  • References:
    • SNOOP
      • From: Adam <adam@looney.com>
    • Re: SNOOP
      • From: "LeRoy D. Cressy" <ldc@netaxs.com>