Section: .. / sniffers /
| /// File Name: |
wci.c |
Description:
|
WCI for Windows is a simple ARP connection interceptor for switched networks and especially for SMB, based on ARP0c2.c. Features automated bridging and routing, ARP redirection/spoofing, automated connection interception for ALL SMB servers in the local subnet, and network cleanup on exit. On startup, WCI enumerates all resources in the Windows networking environment (SMB) and intercepts all possible connections (any2any). Requires the Packet Driver Developers Pack. Binaries available here.
| | Author: | FX | | Homepage: | http://www.phenoelit.de | | File Size: | 44962 | | Last Modified: | Jul 5 16:40:56 2000 |
| MD5 Checksum: | a68bfc84f695776e5ab21a599c4e15aa |
|
| /// File Name: |
smit.tar.gz |
Description:
|
Smit is a simple ARP hijacking tool for switched and unswitched networks. The source is based on arpmitm and arprelay and includes nice features such as automatic ARP MAC query and an improved MAC cache consistency algorithm. You can also run Smit in transproxy-only mode and use your favourite sniffer to capture 'hijacked' packets on switched networks.
| | Author: | Paul Starzetz | | File Size: | 5721 | | Last Modified: | Jun 28 23:51:37 2000 |
| MD5 Checksum: | 771a34d98d040d197c65efb7bf7e33a1 |
|
| /// File Name: |
iris |
Description:
|
Unavailable.
| | File Size: | 0 | | Last Modified: | Jun 15 20:03:15 2000 |
| MD5 Checksum: | d41d8cd98f00b204e9800998ecf8427e |
|
| /// File Name: |
linux-sniff.c |
Description:
|
Linux-sniff v1.0 - Linux eth/tcp/ip sniffer. This tool logs printable data in the packet or it gives detailed info about the eth/tcp/ip packet headers.
| | Author: | Xphere | | Homepage: | http://www.casema.net/~gin | | File Size: | 12424 | | Last Modified: | Jun 13 16:27:59 2000 |
| MD5 Checksum: | 6d54d1b97266e2486e34d9c79beb6aea |
|
| /// File Name: |
snuff-v0.8.1.tar.gz |
Description:
|
Snuff is a packet sniffer for Linux 2.0/2.2 that can monitor many streams at once. It can also mail and wipe the log if it reaches a specified size.
| | Author: | Noah | | Homepage: | http://ns2.crw.se/~tm/ | | Changes: | No more crap in the sniff logs anymore - Checking the size of the ip & tcp header now. Added the keepopen parameter for the log file and fixed a y2k bug. | | File Size: | 5532 | | Last Modified: | May 30 16:07:42 2000 |
| MD5 Checksum: | d185f08af18e5f162c63e3b184e32c40 |
|
| /// File Name: |
coopersniff01.zip |
Description:
|
NT Sniffer 0.01 - For NT4.0 includes a packet driver. Sniffs packets from networks and displays full information for: Ethernet, IP, TCP (data also), and UDP.
| | Author: | Brett Cooper | | Homepage: | http://www4.50megs.com/sniffer/index.html | | File Size: | 47004 | | Last Modified: | May 3 18:24:32 2000 |
| MD5 Checksum: | fa402a028be4dbbef0c5c1d5d6d5ec81 |
|
| /// File Name: |
analyzer.exe |
Description:
|
Analyzer v2.02 is a fully configurable Windows packet sniffer and network analyzer. Developed in a Win32 environment, it works on both Windows 95/98 and Windows NT/2000 platforms. It features a GUI, an analysis engine and a capture program.
| | Author: | Piero Viano | | Homepage: | http://netgroup-serv.polito.it/analyzer | | Changes: | Packet Capture performance greatly improved, support for Windows 2000 added, and many bugs fixed. Requires a packet driver, available here. | | File Size: | 1920509 | | Last Modified: | Apr 5 19:43:43 2000 |
| MD5 Checksum: | c20d32db59004f86123d0117a9753af0 |
|
| /// File Name: |
tgk-log-2.4.tar.gz |
Description:
|
tgk-log 2.4 - A remade version of linsniffer that no longer records just the contents of a packet but also some additional information. Designed to be used for logging the traffic through an ipmasq gateway. More TCP, UDP, ICMP support, and code optimization with this release.
| | Author: | EF | | Homepage: | http://ccitt5.net/archive/ | | File Size: | 6333 | | Last Modified: | Mar 31 05:16:00 2000 |
| MD5 Checksum: | b659596929d26a430ea31372dd0b2b56 |
|
| /// File Name: |
get_name.pl |
Description:
|
get_name.pl will parse the username / pw out of a linsniffer log.
| | Author: | Richard Wash | | File Size: | 1898 | | Last Modified: | Mar 29 16:04:00 2000 |
| MD5 Checksum: | 3520197c8ed3f3ec12bfd4a7aaa29717 |
|
| /// File Name: |
fipra_0.65c.tar.gz |
Description:
|
FIPRA (Fast IP Routing Accounting) is a kernel patch tool for logging IP traffic at high speeds. The logging part is moved inside the kernel and adds as little as possible to the overhead of handling IP packets.
| | Author: | Roger Abrahamsson | | File Size: | 229101 | | Last Modified: | Mar 24 00:34:11 2000 |
| MD5 Checksum: | 56a4863d6370a0510aa1ba9a7b836a5a |
|
| /// File Name: |
MiM.c |
Description:
|
MiM can be used to redirect the flow between two hosts through a third host which logs it in tcpdump/pcap format. We use unsolicited ARPs to do this and the redirector listens for, and responds to, future ARP requests for the addresses in question, so the redirection should remain fairly persistent even when ARP caches expire. I put it together primarily to demonstrate that, yes, you can sniff in a switched environment. It just requires a couple ARPs.
| | Author: | Trevor Schroeder | | File Size: | 6118 | | Last Modified: | Feb 9 15:14:50 2000 |
| MD5 Checksum: | 4744ee0cc53a88b4f341ab0697225d2e |
|
| /// File Name: |
getdata.tar.gz |
Description:
|
Getdata Protocol Analyzer is another sniffer made with libpcap that supports multiple protocols like TCP, UDP, ICMP, IGMP, etc.
| | Author: | Cronix da silva sauro | | Changes: | Bug fixes and some additional features. | | File Size: | 222640 | | Last Modified: | Feb 2 21:24:01 2000 |
| MD5 Checksum: | a51fd55ed59ead01db641c22da967c25 |
|
| /// File Name: |
snuff-v0.7.1.tar.gz |
Description:
|
Snuff is a packet sniffer for Linux 2.0/2.2 that can monitor many streams at once. It can also mail and wipe the log if it reaches a specified size.
| | Author: | Noah | | Homepage: | http://ns2.crw.se/~tm/ | | File Size: | 5086 | | Last Modified: | Jan 28 18:47:45 2000 |
| MD5 Checksum: | 4233057c89dde694a2671a13ee61077e |
|
| /// File Name: |
sniffing-faq.htm |
Description:
|
Excellent FAQ on packet sniffing version 0.3.0, updated Jan 15, 2000.
| | Author: | Robert Graham | | File Size: | 116276 | | Last Modified: | Jan 26 15:57:39 2000 |
| MD5 Checksum: | bc1fcf357c858c3332d89a3ceb82cf4e |
|
| /// File Name: |
synsniff11.tar.gz |
Description:
|
synsniff, as the name would imply, is a simple program which watches for the first part of a TCP connection (the SYN packet) and logs it. Optionally, synsniff can detect FIN (end of session) packets with no corresponding SYN; this is useful for discovering stealth FIN scans. It is primarily a TCP connection logger but also includes some portscan detection heuristics. It logs incoming SYN and FIN packets to stdout, and also detects portscans by watching for multiple incoming connections within a short timeout (default threshold is 7 connections per second).
| | Homepage: | http://www.jammed.com/%7Ejwa/Security/ | | File Size: | 6415 | | Last Modified: | Dec 12 17:04:38 1999 |
| MD5 Checksum: | 4cfbf3f150fe77ff5656d2a22c3bf0d9 |
|
| /// File Name: |
ss-1.3.tgz |
Description:
|
Super Sniffer is a combination of esniff.c and tcpdump. It also supports a plethora of other options including DES encryption on log files, user monitoring, forwarding logs regularly to a secondary host, and NFS file handle sniffing. It uses the libpcap and GNU regular expression pattern-matching libraries. Super Sniffer will incorporate in-kernel filtering using the Berkeley Packet Filter (bpf) on hosts that provide it. This allows network sniffing on busy networks with far fewer packet drops. Super Sniffer is meant to be an all-in-one sniffer, combining all the features of the scores of architecture-specific sniffers around, and it will compile and sniff on virtually anything.
| | Author: | Ajax | | Homepage: | http://users.dhp.com/~ajax/projects | | File Size: | 797002 | | Last Modified: | Nov 29 19:37:57 1999 |
| MD5 Checksum: | b0903b92250ad09d15b7d01f318912f9 |
|
| /// File Name: |
e4d.tgz |
Description:
|
Echelon for Dummies is a distributed sniffer which tries to show how the "echelon" network could be designed. It uses sniffer servers that can be installed and run on remote hosts. These dig through local network traffic, using custom pattern/keyword matching to find packets with interesting content, which are then forwarded to a central loghost running the logging daemon that gathers and logs the data. For stealth purposes, sniffers and the logger communicate via random protocols and encryption, and are compatible with many Unix systems and NT.
| | Author: | Mixter | | Homepage: | http://1337.tsx.org | | File Size: | 97006 | | Last Modified: | Nov 29 18:47:19 1999 |
| MD5 Checksum: | 2835fc64211ae733e2c45f6cb98b23c7 |
|
| /// File Name: |
ndump.tgz |
Description:
|
NDump is a collection of Perl programs to log and parse incoming packets. It is very unique in that it is one of the only loggers to log machine level information as well.
| | Author: | H1kari | | Homepage: | http://www.nfsg.org/downloads/ndump.html | | File Size: | 3479 | | Last Modified: | Nov 15 21:14:03 1999 |
| MD5 Checksum: | c686db0da36133e535eb508a567f264a |
|
| /// File Name: |
screenshot04.gif |
Description:
|
Unavailable.
| | File Size: | 30137 | | Last Modified: | Nov 8 14:06:49 1999 |
| MD5 Checksum: | 5a5c49d6d234cd0e2f4e577df70c0249 |
|
| /// File Name: |
pasmon.jpg |
Description:
|
Unavailable.
| | File Size: | 63339 | | Last Modified: | Nov 2 15:33:34 1999 |
| MD5 Checksum: | 0893d288843fb4be1af92121d4b8f50b |
|
| /// File Name: |
pasmon-0.5.tar.gz |
Description:
|
Pasmon is a graphical passive network monitor. It provides statistics on every host and TCP connection heard on the specified interface[s], probes the system to find valid devices and provides a toolbar button which activates monitoring each device. Currently stable, but with missing features. Screenshot here.
| | Author: | Andrae Muys | | Homepage: | http://www.uq.edu.au/~cmamuys/source_downloads/ | | File Size: | 146035 | | Last Modified: | Nov 2 13:24:42 1999 |
| MD5 Checksum: | b16c85392fd5ba09515dc7c6a67a4755 |
|