Section: .. / sniffers /
| /// File Name: |
snuff-v0.8.1.tar.gz |
Description:
|
Snuff is a packet sniffer for Linux 2.0/2.2 that can monitor many streams at once. It can also mail and wipe the log if reached a specified size.
| | Author: | Noah | | Homepage: | http://ns2.crw.se/~tm/ | | Changes: | No more crap in the sniff logs anymore - Checking the size of the ip & tcp header now. Added the keepopen parameter for the log file and fixed a y2k bug. | | File Size: | 5532 | | Last Modified: | May 30 16:07:42 2000 |
| MD5 Checksum: | d185f08af18e5f162c63e3b184e32c40 |
|
| /// File Name: |
coopersniff01.zip |
Description:
|
NT Sniffer 0.01 - For NT4.0 includes a packet driver. Sniffs packets from networks and displays full information for: Ethernet, IP, TCP (data also), and UDP.
| | Author: | Brett Cooper | | Homepage: | http://www4.50megs.com/sniffer/index.html | | File Size: | 47004 | | Last Modified: | May 3 18:24:32 2000 |
| MD5 Checksum: | fa402a028be4dbbef0c5c1d5d6d5ec81 |
|
| /// File Name: |
analyzer.exe |
Description:
|
Analyzer v2.02 is a full configurable windows packet sniffer and network analyzer. Developed in a Win32 environment, it works on both Windows 95/98 and Windows NT/2000 platforms. It features a GUI, an analysis engine and a capture program.
| | Author: | Piero Viano | | Homepage: | http://netgroup-serv.polito.it/analyzer | | Changes: | Packet Capture performance greatly improved, support for Windows 2000 added, and many bugs fixed. Requires a packet driver, available here. | | File Size: | 1920509 | | Last Modified: | Apr 5 19:43:43 2000 |
| MD5 Checksum: | c20d32db59004f86123d0117a9753af0 |
|
| /// File Name: |
tgk-log-2.4.tar.gz |
Description:
|
tgk-log 2.4 - A remade version of linsniffer, no longer recording just contents of a packet but some additional information. Designed to be used for logging the traffic through a ipmasq gateway. More TCP, UDP, ICMP support, and code optimization with this release.
| | Author: | EF | | Homepage: | http://ccitt5.net/archive/ | | File Size: | 6333 | | Last Modified: | Mar 31 05:16:00 2000 |
| MD5 Checksum: | b659596929d26a430ea31372dd0b2b56 |
|
| /// File Name: |
get_name.pl |
Description:
|
get_name.pl will parse the username / pw out of a linsniffer log.
| | Author: | Richard Wash | | File Size: | 1898 | | Last Modified: | Mar 29 16:04:00 2000 |
| MD5 Checksum: | 3520197c8ed3f3ec12bfd4a7aaa29717 |
|
| /// File Name: |
fipra_0.65c.tar.gz |
Description:
|
FIPRA (Fast IP Routing Accounting) is a kernel patch tool for logging IP traffic at high speeds. The logging part is moved inside the kernel and adds as little as possible to the overhead of handling IP packets.
| | Author: | Roger Abrahamsson | | File Size: | 229101 | | Last Modified: | Mar 24 00:34:11 2000 |
| MD5 Checksum: | 56a4863d6370a0510aa1ba9a7b836a5a |
|
| /// File Name: |
MiM.c |
Description:
|
MiM can be used to redirect the flow between two hosts through a third host which logs it in tcpdump/pcap format. We use unsolicited ARPs to do this and the redirector listens for, and responds to, future ARP requests for the addresses in question, so the redirection should remain fairly persistent even when ARP caches expire. I put it together primarily to demonstrate that, yes, you can sniff in a switched environment. It just requires a couple ARPs.
| | Author: | Trevor Schroeder | | File Size: | 6118 | | Last Modified: | Feb 9 15:14:50 2000 |
| MD5 Checksum: | 4744ee0cc53a88b4f341ab0697225d2e |
|
| /// File Name: |
getdata.tar.gz |
Description:
|
Getdata Protocol Analyzer is another sniffer made with libpcap that supports multiple protocols like TCP, UDP, ICMP, IGMP, etc.
| | Author: | Cronix da silva sauro | | Changes: | Bug fixes and some additional features. | | File Size: | 222640 | | Last Modified: | Feb 2 21:24:01 2000 |
| MD5 Checksum: | a51fd55ed59ead01db641c22da967c25 |
|
| /// File Name: |
snuff-v0.7.1.tar.gz |
Description:
|
Snuff is a packet sniffer for Linux 2.0/2.2 that can monitor many streams at once. It can also mail and wipe the log if reached a specified size.
| | Author: | Noah | | Homepage: | http://ns2.crw.se/~tm/ | | File Size: | 5086 | | Last Modified: | Jan 28 18:47:45 2000 |
| MD5 Checksum: | 4233057c89dde694a2671a13ee61077e |
|
| /// File Name: |
sniffing-faq.htm |
Description:
|
Excellet FAQ on packet sniffing version 0.3.0, updated Jan 15, 2000.
| | Author: | Robert Graham | | File Size: | 116276 | | Last Modified: | Jan 26 15:57:39 2000 |
| MD5 Checksum: | bc1fcf357c858c3332d89a3ceb82cf4e |
|
| /// File Name: |
synsniff11.tar.gz |
Description:
|
synsniff, as the name would imply, is a simple program which watches for the first part of a TCP connection (the SYN packet) and logs it. Optionally, synsniff can detect FIN (end of session) packets with no corrosponding SYN; this is useful for discovering stealth FIN scans. It is primarily a TCP connection logger but also includes some portscan detection heuristic. It logs incoming SYN and FIN packets to stdout, and also detects portscans by watching for multiple incoming connections within a short timeout (default threshold is 7 connections per second).
| | Homepage: | http://www.jammed.com/%7Ejwa/Security/ | | File Size: | 6415 | | Last Modified: | Dec 12 17:04:38 1999 |
| MD5 Checksum: | 4cfbf3f150fe77ff5656d2a22c3bf0d9 |
|
| /// File Name: |
ss-1.3.tgz |
Description:
|
Super Sniffer is a combination of esniff.c and tcpdump. It also supports a plethora of other options including DES encryption on log files, user monitoring, forwarding logs regularly to a secondary host, and NFS file handle sniffing. It uses the libpcap and GNU regular expression pattern-matching libraries. Super Sniffer will incorporate in-kernel filtering using the Berkeley Packet Filter (bpf) on hosts that provide it. This allows network sniffing on busy networks with much fewer packet drops. Super Sniffer is meant to be a an all-in-one sniffer, combining all the features of the scores of architecture-specific sniffers around, and it will compile and sniff on virtually anything.
| | Author: | Ajax | | Homepage: | http://users.dhp.com/~ajax/projects | | File Size: | 797002 | | Last Modified: | Nov 29 19:37:57 1999 |
| MD5 Checksum: | b0903b92250ad09d15b7d01f318912f9 |
|
| /// File Name: |
e4d.tgz |
Description:
|
Echelon for Dummies is a distributed sniffer which tries to show how the "echelon" network could be designed. It uses sniffer servers that can be installed and run on remote hosts, and will dig through local network traffic, useing custom pattern/keyword matching to find packets with interesting content, which are then forwarded to a central loghost on which the logging daemon is run that gathers and logs the data. For stealth purposes, Sniffers and the logger communicate via random protocols and encryption, and are compatible to many Unix systems and NT.
| | Author: | Mixter | | Homepage: | http://1337.tsx.org | | File Size: | 97006 | | Last Modified: | Nov 29 18:47:19 1999 |
| MD5 Checksum: | 2835fc64211ae733e2c45f6cb98b23c7 |
|
| /// File Name: |
ndump.tgz |
Description:
|
NDump is a collection of Perl programs to log and parse incoming packets. It is very unique in that it is one of the only loggers to log machine level information as well.
| | Author: | H1kari | | Homepage: | http://www.nfsg.org/downloads/ndump.html | | File Size: | 3479 | | Last Modified: | Nov 15 21:14:03 1999 |
| MD5 Checksum: | c686db0da36133e535eb508a567f264a |
|
| /// File Name: |
screenshot04.gif |
Description:
|
Unavailable.
| | File Size: | 30137 | | Last Modified: | Nov 8 14:06:49 1999 |
| MD5 Checksum: | 5a5c49d6d234cd0e2f4e577df70c0249 |
|
| /// File Name: |
pasmon.jpg |
Description:
|
Unavailable.
| | File Size: | 63339 | | Last Modified: | Nov 2 15:33:34 1999 |
| MD5 Checksum: | 0893d288843fb4be1af92121d4b8f50b |
|
| /// File Name: |
pasmon-0.5.tar.gz |
Description:
|
Pasmon is a graphical passive network monitor. It provides statistics on every host and TCP connection heard on the specified interface[s], probes the system to find valid devices and provides a toolbar button which activates monitoring each device. Currently stable, but with missing features. Screenshot here.
| | Author: | Andrae Muys | | Homepage: | http://www.uq.edu.au/~cmamuys/source_downloads/ | | File Size: | 146035 | | Last Modified: | Nov 2 13:24:42 1999 |
| MD5 Checksum: | b16c85392fd5ba09515dc7c6a67a4755 |
|
| /// File Name: |
spy-3.1.22-Linux-2.x-i386.tar.gz |
Description:
|
SPY is a LAN Protocol Analyzer running on UNIX platforms. It has a built-in interface to capture LAN traffic via a network interface. This capture facility supports Ethernet, FDDI, SLIP/CSLIP, PPP and PLIP. SPY also provides a so called User Capture Interface (UCI), where own programs can feed SPY with their packets. Of course, captured data can be stored to files in binary format for later analysis. The capture facility provides prefilters on the MAC and IP layer (this does not mean, that SPY only supports IP networks). i386 version. ;Homepage here.
| | Author: | Christian Lorenz. | | File Size: | 1046584 | | Last Modified: | Oct 20 14:18:01 1999 |
| MD5 Checksum: | d3e0014ceadca6284f6063a7056c8b0d |
|
| /// File Name: |
gdd13.c |
Description:
|
Ethernet Packet Sniffer 'GreedyDog' Version 1.30. The Shadow Penguin Security. Written by Unyun
| | File Size: | 19947 | | Last Modified: | Oct 17 07:35:09 1999 |
| MD5 Checksum: | b49715544cdb7743f6a28eec00e6c2a3 |
|
| /// File Name: |
esniff.c |
Description:
|
Unavailable.
| | File Size: | 12482 | | Last Modified: | Sep 9 16:41:34 1999 |
| MD5 Checksum: | 1b50a57b9b2a4518004612b1d7e2fd00 |
|
| /// File Name: |
NetPacket-0.01.tar.gz |
Description:
|
NetPacket::* 0.01 - The NetPacket::* bundle of modules disassemble network packets into a Perl hash for various Internet protocols. There are hooks for assembly of packets, but they have not been implemented in this version. At present, decoding for the following protocols has been implemented: Ethernet, ARP, ICMP, IGMP, IP, UDP, TCP.
| | Author: | Tim Potter | | Changes: | Initial version. | | File Size: | 8940 | | Last Modified: | Aug 16 20:13:57 1999 |
| MD5 Checksum: | 0761ff2f6caf4961dcd5778cf7e1e6d1 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
