Bugtraq: Re: TCP SYN probe detection tool available

From: Brian Mitchell <brian_at_saturn.net>
Date: Wed, 15 May 1996 03:25:52 -0400

On Tue, 14 May 1996, Doug Hughes wrote:

> In light of the recent revival of interest in the TCP SYN probes
> that were undetected by conventional daemon means (e.g. klaxon),
> I wrote a promiscuous network monitor that runs as a packet filter
> and will catch any packet on the network that matches services
> that are given to the program as command line arguments. So far
> it runs on SunOS4.1.X (NIT) and Solaris2.X (DLPI). Individuals
> interested in running it on other architectures would need to
> do some porting. The DLPI code should be portable to other DLPI
> implementations. On SunOS and Solaris all you have to do is type
> Make. The README explains options, history, and implementation.
>
>

This is a good idea. I have also written a similar tool, although mine
logs all SYN packets. It uses the libpcap interface. Should compile under
Linux, FreeBSD, IRIX, SunOS, Solaris, etc. It is available at
http://www.saturn.net/~brian/files/clog-001.tar.gz (libpcap is not
included with the distribution).

Brian Mitchell brian_at_saturn.net
Public key available http://www.saturn.net/~brian/pubkey

"I never give them hell. I just tell the truth and they think it's hell"
- H. Truman
Received on May 15 1996
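
The per-packet check a monitor of this kind performs, as an added example (not code from either tool mentioned in this thread): given a raw Ethernet II frame, as a capture interface such as libpcap would deliver it, report the destination port when the frame is an IPv4 TCP SYN without ACK aimed at a watched port. The function names, the watched-port list and the sample frames are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Return the destination port if frame is Ethernet II / IPv4 / TCP with SYN
 * set and ACK clear, aimed at a watched port; 0 otherwise (also returned
 * for truncated or malformed frames). */
static uint16_t syn_probe_port(const uint8_t *frame, size_t len,
                               const uint16_t *watched, size_t nwatched)
{
    if (len < 14 + 20) return 0;                      /* Ethernet + min IPv4 */
    if (frame[12] != 0x08 || frame[13] != 0x00) return 0;  /* not IPv4 */
    const uint8_t *ip = frame + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;          /* IP header bytes */
    if ((ip[0] >> 4) != 4 || ihl < 20) return 0;
    if (len < 14 + ihl + 20) return 0;                /* need whole TCP header */
    if (ip[9] != 6) return 0;                         /* protocol is not TCP */
    if ((((ip[6] & 0x1f) << 8) | ip[7]) != 0) return 0;  /* later fragment */
    const uint8_t *tcp = ip + ihl;
    if ((tcp[13] & 0x12) != 0x02) return 0;           /* want SYN without ACK */
    uint16_t dport = (uint16_t)((tcp[2] << 8) | tcp[3]);
    for (size_t i = 0; i < nwatched; i++)
        if (watched[i] == dport) return dport;
    return 0;
}

/* Constructed sample input: minimal 54-byte frame, addresses left zero. */
static size_t make_frame(uint8_t *buf, uint8_t tcp_flags, uint16_t dport)
{
    memset(buf, 0, 54);
    buf[12] = 0x08;                    /* EtherType 0x0800 */
    buf[14] = 0x45;                    /* IPv4, IHL = 5 words */
    buf[23] = 6;                       /* protocol TCP */
    buf[36] = (uint8_t)(dport >> 8);   /* TCP destination port */
    buf[37] = (uint8_t)(dport & 0xff);
    buf[46] = 0x50;                    /* data offset = 5 words */
    buf[47] = tcp_flags;
    return 54;
}

int main(void)
{
    const uint16_t watched[] = { 23, 513 };   /* assumed: telnet, rlogin */
    uint8_t f[54];
    size_t n = make_frame(f, 0x02, 23);       /* bare SYN to port 23 */
    printf("SYN     -> %u\n", (unsigned)syn_probe_port(f, n, watched, 2));
    n = make_frame(f, 0x12, 23);              /* SYN+ACK is a reply */
    printf("SYN+ACK -> %u\n", (unsigned)syn_probe_port(f, n, watched, 2));
    return 0;
}
```

Passing an empty watched list never matches; a logger that records every SYN would skip the port comparison and return the destination port directly.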
