Sniffer
It is a packet sniffer for linux it was written under RH6.1 it is still in heavy
development so if you do find any bugs make sure you mail them to me mistral@stevenson.zetnet.co.uk
Current: sniffer-0.3.tar.gz Size: 39KB
Features
- A ncurses user interface.
- Network statistics to view the amount of packets and data in man different protocols and
by interface.
- View what active TCP connections are on the netwotk.
- View UDP packets.
- View and log all ICMP packets.
- View and log the 48bit arp protocol.
- Multithreaded so that the user interface does not interfere with any of the packet
captureing methods.
- View and log the following user space protocols FTP, POP3
Requirements
- The program has been developed on a RH6.1 system with a 2.2.14 kernel
- To get the program to work you will need to have a C compiler and the linux
pthreads libary
- Some knowledge of C would be useful if you get compile errors.
Changes
Since Version 0.2
- better printing of unknown icmp packets
- support for UDP, TCP, ICMP checksums
- more changes to the gui now works in different sized screens and will use all the height anyway
- Fixed a race where it was crashing at startup sometimes
- move alot of header files aboutt o try to speed up the compie time
- Fixed a few problems with the gui now works with RedHat6.2
- Fixed a really stupid UDP packet length bug
- rewrote the lookup code and added a viewer it has a nice feature to show what lookups fail and whats being looked up and what still has to be looked up
- added support for a per host stats
- fixed the tcp gui corruption bug it was running off the end of a buffer because something was overwriting the NULL
- made the arp faster with a few improvements
- some changes to the pop3 module
Since Version 0.1
- Added a lot of other code to detect other IP packets
- Added a nice gui to arp you can now scoll up and down the cache
- Added reverse name lookup for ip addresses
- Added interface names instead of numbers still need to fix the reading bug in it
- Fixed a whole load of bugs
- Fixed some bugs on reading raw packets
- now reuses interface structs when the interface comes back up with a different index
number
- The Version sniffer-0.1 was first released on the 6th April 2000
Old Versions
