Security Basics mailing list archives

RE: Slickest way to capture all packets inbound and outbound for a specific IP address, or range?


From: Ranjeet Shetye <ranjeet.shetye2 () zultys com>
Date: 08 Sep 2003 17:24:14 -0700

On Fri, 2003-09-05 at 14:13, Jim Laverty wrote:
You could also try ngrep, if you prefer cli based tools.

http://www.packetfactory.net/Projects/ngrep/

-----Original Message-----
From: B [mailto:carr.287 () osu edu] 
Sent: Friday, September 05, 2003 4:00 PM
To: Mark G. Spencer; security-basics () securityfocus com
Subject: Re: Slickest way to capture all packets inbound and outbound for a
specific IP address, or range?



Would Snort be a good way to do this, or is there a quicker/slimmer 
solution?

Ethereal (http://www.ethereal.com/) is a great way to capture all traffic 
on a network, or to select protocols, IPs, or ranges. As you look to be 
trying to do this for now and not permanently, I think this is a program 
you should consider.
-B


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September
6.Visit us: www.blackhat.com
----------------------------------------------------------------------------





Ethereal also comes with "tethereal", the CLI version of Ethereal.


-- 

Ranjeet Shetye
Senior Software Engineer
Zultys Technologies
Ranjeet dot Shetye2 at Zultys dot com
http://www.zultys.com/
 
The views, opinions, and judgements expressed in this message are solely
those of the author. The message contents have not been reviewed or
approved by Zultys.


