GOOD packet sniffers

Anything and Everything about Uplink

Moderators: bert_the_turtle, jelco, Chris, Icepick, Rkiver

xluryan
level1
level1
Posts: 31
Joined: Mon Mar 17, 2003 9:56 pm

Postby xluryan » Mon Jul 28, 2003 7:31 am

I need a packet sniffer that captures both incoming and outgoing data. Does anyone know where I can get one of these. And please don't just give me a link to some site with some crappy packet-sniffer, I have already tried just searching for them and downloading whatever. Please give me a site with one that works and preferably that you have used before. Thanks.
They can strike me down, but I will get back up.
They can try to scare me, but I am not afraid.
No matter what they do, they CANT stop me...                            Because I am a Freedom Fighter, and Freedom, is Forever.
Deepsmeg
level5
level5
Posts: 6510
Joined: Thu Mar 21, 2002 1:26 pm
Location: Register 2102
Contact:

Postby Deepsmeg » Mon Jul 28, 2003 10:09 am

ethereal
User avatar
NeoThermic
Introversion Staff
Introversion Staff
Posts: 6254
Joined: Sat Mar 02, 2002 10:55 am
Location: ::1
Contact:

Postby NeoThermic » Mon Jul 28, 2003 10:29 am

Yeah, I've got one that I use alot... here is how to get it:
1) Learn C++
2) Learn Raw Sockets
3) Get an OS that has FULL raw sockets support [2K, XP, Linux, (macs?)]
4) Program your own packet sniffer via raw sockets.

Volia.
Any more questions?
Oh yeah... www.google.com might help alot ;

[so might the place where the link in my sig comes from]

NeoThermic
User avatar
Luigi300
level5
level5
Posts: 1615
Joined: Wed May 01, 2002 2:08 pm
Location: :noitacoL
Contact:

Postby Luigi300 » Mon Jul 28, 2003 1:54 pm

Back Orifice, Sub7...
Luigi for mod in 2006!
Adriac
level5
level5
Posts: 3504
Joined: Wed Jan 23, 2002 7:20 am

Postby Adriac » Mon Jul 28, 2003 1:59 pm

Yeah, Macs. BSD, baby.

There is actually a pretty cool gui implementation of the BSD tools, and Ethereal works out of the box (if you can get fink running ;))
00010001000100000000101100010111000 10110000100010001100001011111000101 10000100100000111100010000000011010 0001011000111100001000100001011
Dezmond
level4
level4
Posts: 582
Joined: Wed Mar 27, 2002 6:21 pm

Postby Dezmond » Mon Jul 28, 2003 2:14 pm

You lot are so cruel... what you're really looking for is a wireless one. PM me for more details.
Slytz
level1
level1
Posts: 69
Joined: Sat Jul 19, 2003 1:31 pm
Location: Birmingham

Postby Slytz » Mon Jul 28, 2003 6:58 pm

Quote: from Luigi300 on 1:54 pm on July 28, 2003[br]Back Orifice, Sub7...


The second person to recomend someone to Back Orfice...If you would like a copy of the Subseven server send me a message I'll be more than happy to give it to you...

Slytz.
Slytz Tha Psychopathic Ninja Clown
Darksun
level5
level5
Posts: 6461
Joined: Sat Dec 07, 2002 7:08 pm
Location: 127.0.0.1

Postby Darksun » Mon Jul 28, 2003 11:08 pm

Slytz, send it to me

/me pats 00[sub]7
User avatar
Luigi300
level5
level5
Posts: 1615
Joined: Wed May 01, 2002 2:08 pm
Location: :noitacoL
Contact:

Postby Luigi300 » Tue Jul 29, 2003 12:00 am

Right, two things. A: Sub7 is something for script kiddies. B: The file would be the client that you'd give me.
Luigi for mod in 2006!
User avatar
Starfyre
level5
level5
Posts: 3247
Joined: Sat Jun 29, 2002 3:00 pm
Location: in the tree house

Postby Starfyre » Tue Jul 29, 2003 12:04 am

Not necessarily, since the server allows you to take full control over the person's computer, thus being able to remotely steer other clients (or servers) from the target.

But stop with the Sub7 crap, noone cares about it, okay?

The best packet sniffers are the ones you write yourself, do a lookup on Google. Offers lots of material on that subject!
andrewas
level4
level4
Posts: 621
Joined: Sun Mar 16, 2003 10:57 pm
Location: Scotland

Postby andrewas » Tue Jul 29, 2003 12:44 am

Quote: from Dman on 2:14 pm on July 28, 2003[br]You lot are so cruel... what you're really looking for is a wireless one. PM me for more details.


Why in the nine hells would he want a wireless packet sniffer?
Stewsburntmonkey
level5
level5
Posts: 11553
Joined: Wed Jul 10, 2002 7:44 pm
Location: Nashville, TN
Contact:

Postby Stewsburntmonkey » Tue Jul 29, 2003 1:11 am

Well there are several possibilities, you could snoop on wireless connections, or there are some very high end devices that allow you to monitor all electrical activity on a system from a distance, and so you can log key strokes, or snoop on the internet activity, etc.  But both of those are generally well beyond what you would need.  I think Dman was just playing the fool again.
sir hackalot
level3
level3
Posts: 451
Joined: Thu Apr 25, 2002 7:05 pm
Contact:

Postby sir hackalot » Tue Jul 29, 2003 3:08 am

well its obvious he can not progrma his own, so my advice go with commercial options, unless ur on nix system, these often offer the easiest of solutions, as for incoming traffic, the only one i know of is a tool for bsd(forgot what its called) that logs all incoming packets, and can port scan a network at the same time, making it legal.
chocoba65
level1
level1
Posts: 52
Joined: Thu Jan 31, 2002 3:47 am
Location: Canada

Postby chocoba65 » Sun Aug 03, 2003 10:14 pm

Quote: from Deepsmeg on 5:09 am on July 28, 2003[br]ethereal

Ethereal
Sniffing the glue that holds the Internet together
http://www.ethereal.com
GRADE 1 UPLINK AGENT  Rating: TERMINAL
NEUROMANCER (Unofficial)  Rating: Sociopathic
Balance: 16447420 credits
Adriac
level5
level5
Posts: 3504
Joined: Wed Jan 23, 2002 7:20 am

Postby Adriac » Sun Aug 03, 2003 10:56 pm

Fun networking fact of the day: Reading other people's packets

It's called Promiscuous Mode, here's how it works:

Let's say Alice and Bob are having a conversation on the network. It'd be like this.

[Alice]<---->[Hub]<---->[Bob]

But wait, I'm on the network too.

Code: Select all

            [WAN]
              |
              |
              |
[Alice]<---->[Hub]<---->[Bob]
              |
              |
              |
            [Carl]

We'll call me Carl just to keep things straight.
WAN is the internet ("Wide Area Network"). We're all on the other side.
[WAN]<--->[Hub]<--->[Us]
So when we send packets on the network, it looks something like this:
[Alice]--->[Hub]---[WAN]
[Bob]<---[Hub]---[WAN]
But wait- this hub is pretty stupid. It doesn't know Alice from Bob from a piece of cheese. So how does it make sure I don't get the packets intended for Bob?

It doesn't. So here's what really happens:
[Alice]--->[Hub]---[WAN]
[Bob]<---[Hub]---[WAN]
[Carl]<---[Hub]---[WAN]
[Joe Shmoe from Accounting]<---[Hub]---[WAN]

It's basically like passing a note around in class with somebody's name on it-

From: Alice
To: Bob
Subject: Hey bob!

But it's actually sent to everyone. Normally, at a very low level, Carl sees "To: Bob" and just tosses out the message, while Bob sees it and reads it.

So putting your network tools into promiscuous mode is just like reading the letter your classmate told you to pass down (except of course that it's undetectable). I get a letter reading "To: Bob", but instead of ignoring it (passing it on) I log it and then ignore it (read it and pass it on).

And THAT my friends is how you can read every unencrypted packet on the same hub as you.

Hope you learned something.
00010001000100000000101100010111000 10110000100010001100001011111000101 10000100100000111100010000000011010 0001011000111100001000100001011

Return to “General”

Who is online

Users browsing this forum: No registered users and 1 guest