Ethernet-Tools

From C4 Wiki
Revision as of 19:23, 18 December 2004 by Tomyum (talk | contribs) (http://www.tcpdump.org/)
Jump to: navigation, search

http://www.ethereal.com/

"Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows."

see also:

http://www.onlamp.com/lpt/a/323 "Using Ethereal"
http://www.onlamp.com/lpt/a/4834 "Top Ten Ethereal Tips and Tricks"

http://etherape.sourceforge.net/

"EtherApe is a graphical network monitor for Unix modeled after etherman. Featuring link layer, ip and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network."

http://www.tcpdump.org/

"tcpdump - dump traffic on a network"

see also:

http://www.onlamp.com/lpt/a/702 "Capturing TCP Packets"

http://naughty.monkey.org/~dugsong/dsniff/

"dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI."

http://ettercap.sourceforge.net/

"Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis."