Toby DiPasquale on Wed, 6 Aug 2003 16:06:06 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] trapping web site communications


eric@lucii.org wrote:
How best to go about this?  I think a sniffer program on the lan might
be the way but I've never used one before.  Are there other ways that
people have used to accomplish something like this?  I've tried netcat
(nc) but it does not show me what the site sends back, just what the
browser asks for.

Here's an easy way to do it:

1. If you don't already have them, install the ethereal and tethereal packages for your OS. On Debian they are in two separate packages (with those names, in case you are running Debian) but they may be in the same package for other distros/OSs.

2. Run this command:

# tethereal -i eth0 -f ' port 80 ' -w savefile

You will need to be root to do that. This will capture all traffic on/from port 80 passing through network interface eth0 into a file named "savefile".

3. Initiate your HTTP traffic and run the CGI you're looking to debug.

4. Once finished with that, stop the capture with Control-C and then open "savefile" with ethereal (the graphical frontend for the ethereal capture pacakge). Now you can see both sides of the traffic, packet for packet.

HTH :)

--
Tobias DiPasquale
88FA 30C9 1E63 CFE2 CBD8  37C4 DA1C E2BF 1D26 F036
http://cbcg.net/

_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug