|
(Page 10 of 14) < Prev 4 5 6 7 8 9 10 11 12 13 14 Next > Category: Sniffers Echelon for Dummies Added 2001-10-22 Echelon for Dummies is a 'distributed' sniffer. E4D consists of sniffing 'Agents,' servers that can be installed on any number of hosts, and will then sniff traffic and forward the results via the TFN2 method (random protocol/strong encryption) to a central logging daemon that handles messages from all the remote hosts. E4D sniffing agents will monitor ALL local traffic at SOCK_RAW level and perform pattern matching against a user-defined list of keywords and -patterns, scanning all UDP/TCP/ICMP packets. Windump Added 2001-10-22 Windump 2.03 is a dynamically loadable version of the excellent Windump 2.02 port. This modified app consist of only 2 parts, the .exe and the .sys. ngrep (Windows) Added 2001-10-22 ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop. Pdump Added 2001-10-22 pdump is a highly configurable packet sniffer written in Perl, that dumps, greps, monitors, creates, and modifies traffic on a network. It combines many of the features found in tcpdump, ngrep, tcptrace, dsniff (and its webspy and urlsnarf), pfilt, macof, and xpy. It also allows users to simply add their modifications via a plug-in system. It is able to do such things as passive operating system detection/fingerprinting and has enough artificial intelligence to watch streaming packets and then create it's own packets to do various things in the connection such as killing open TCP connections within any connection on the local network, going in our out of the network. THC-Parasite Added 2001-10-22 THC-Parasite allows you to sniff traffic on a switched network by using either ARP Spoofing or MAC Flooding. THC-Parasite's algorithms are designed to bypass basic switch security. Altivore Added 2001-10-22 Altivore is an alternative implementation of Carnivore. Source code is being disclosed in an effort to provide a solid foundation for debate of the technical features of Carnivore. This software contains the basic Carnivore features outlined in the FBI's solicitation for independent review of Carnivore. The basic capabilities are: - monitors suspect's e-mail (either headers or full content) - lists servers suspect accesses (FTP, HTTP, etc.) - full "sniffing" of suspect's IP address - discovery of suspect's current IP address through RADIUS logon nicedump Added 2001-10-22 nicedump is a network sniffer which tries to display the entire packet contents. Nicedump can be configured to adapt or add new protocols (with its language) without any re-compilation phase. It can be useful for network developers, to help them to debug there applications, or to teach network and protocols, or like every network analyzer, to debug a network problem. sniffer Added 2001-10-22 sniffer is a multi-threaded packet sniffer which prints information about some user space protocols to a file and displays some network stats on the screen. RelayTCP Added 2001-10-22 RelayTCP allows to redirect TCP/IP connections from a local port to a remote IP and port. Relay TCP has the capacity to record all the connections made and the data transferred. It's useful for transferred data debuggin purposes Angst Added 2001-10-22 Angst is a simple active sniffer, based on libpcap and libnet. It dumps into a file the payload of all the TCP packets received on the specified ports, and also floods the local network with random MAC addresses, causing switches to send packets to all ports. Browse by category |
|
|
Privacy Statement |
