Hello:
The original Sniff All link is incorrect; the one below is the correct one.
Sorry for the error and delay.
==================================================
Wouldn't you know it...typo in the URL. Sorry.
http://www.electricrain.com/~tyler/misc/
-Tyler
,---------------------------------------------------------------------,
| Tyler Allison, CISSP |M/S 233-7 (650)604-3602|MIB- Protecting the|
|System Security Analyst |Ames Research Center |earth from the scum|
|[EMAIL PROTECTED]|Moffett Field, CA 94035|of the universe. |
| PGP Fingerprint: FB 4C 6E 4B 13 12 B1 17 68 7A A0 8C 43 30 00 01 |
`---------------------------------------------------------------------'
==================================================
==================================================
> Hello:
>
> I found this on the OpenBSD list and thought some SuSE users may need a
> sniffer. I have not tried it so this is just an FYI.
>
> Regards,
>
> Bill Parker, <[EMAIL PROTECTED]>
>
> --------------------------------------
> But anyway..if you are interested in testing a new password sniffer
> on either Linux or OpenBSD (I'm looking for feedback) go to:
>
> http://www.electricrian.com/~tyler/misc/
>
> I basicly grabbed all the sniffers I could find and took the best parts
> of each and made a super sniffer.
>
> I'm attaching the top comment section of the program below..since I'm
> not much of a C programmer any comments/criticism/flames/improvement
> ideas/etc will be happily accepted. (might want to send them directly
> instead
> of the list)
>
> -Tyler
>
> /*****************************************************************
> **********
> *
> *
> * Sniff All v2.0 for Linux/*BSD
> *
> * Coded and glued together by Tyler Allison ([EMAIL PROTECTED])
> *
> * This program sniffs packets for FTP, telnet, POP3, POP2,
> IMAP2, rlogin in
> * the standard fashion, dumping info to a log file. It also has the
> ability
> * to sniff HTTP traffic and decode Basic Authentication username and
> password
> * pairs. It uses a linked-list (probably should use a hash
> instead) to keep
> * track of all traffic it sees. This improves the "sniffing"
> ability of the
> * sniffer so it doesn't get locked into one connection, and misses some
> * other traffic.
> *
> * Supports libpcap (*BSD and Linux) or raw interface sniffing
> (Linux only).
> * Tested on the following platforms:
> * OpenBSD 2.4
> * Linux 2.2.X /w LSF libpcap
> * Linux 2.2.X
> *
> * This program is for non-criminal use ONLY and should not be used unless
> you
> * have the authorization to do so. Don't blame me if you get busted!
> *
> *
> * This uses code or ideas from the following sniffers:
> * linsniff .03.9beta by Mike Edulla ([EMAIL PROTECTED])
> * websniff 1.0 by BeastMaster V http://www.rootshell.com
> * linsniff .666 by humble of rhino9
> * pcs by halflife
> *
> * - Interface initialization code taken from Touch of Death (TOD V.1) by
> * Brecht Claerhout
> * - Argv hiding taken from nmap v2.03 by
> * Fyodor ([EMAIL PROTECTED], www.insecure.org/nmap)
> *
> * Compile:
> * gcc -o sniffall sniffall.c <-- no DNS resolution
> * gcc -o sniffall -DHOST_LOOKUP sniffall.c <-- yes DNS resolution
> * gcc -o sniffall -D__PCAP__ sniffall.c -lpcap <-- libpcap support for
> *BSD
> * gcc -o sniffall -D__LINUX__ sniffall.c <-- no libpcap for linux
> * (obviously you can mix and match the defines as needed)
> *
> * NOTE: Errors when compiling about ntohl/htonl conflicting types are due
> to
> * problems in the header files in linux. Find the conflicts and fix them.
> *
> * Changelog:
> * diff between v2 and v1:
> * - added libpcap support
> * - ported to OpenBSD
> * - added -i option to override INTERFACE
> * - added argv hiding (This does not work on OpenBSD..well
> it does work
> * but it wont do you any good..being that it's
> * a secure OS the original argv is displayed in
> * 'ps' as well.)
> *
> * Todo list:
> * - add FDDI support
> * - use hash instead of linked list
> *
>
> ******************************************************************
> **********
> /
> ,---------------------------------------------------------------------,
> | Tyler Allison, CISSP |M/S 233-7 (650)604-3602|MIB- Protecting the|
> |System Security Analyst |Ames Research Center |earth from the scum|
> |[EMAIL PROTECTED]|Moffett Field, CA 94035|of the universe. |
> | PGP Fingerprint: FB 4C 6E 4B 13 12 B1 17 68 7A A0 8C 43 30 00 01 |
> `---------------------------------------------------------------------'
>
> -
> To get out of this list, please send email to [EMAIL PROTECTED] with
> this text in its body: unsubscribe suse-linux-e
> Check out the SuSE-FAQ at http://www.suse.com/Support/Doku/FAQ/ and the
> archiv at http://www.suse.com/Mailinglists/suse-linux-e/index.html
>
-
To get out of this list, please send email to [EMAIL PROTECTED] with
this text in its body: unsubscribe suse-linux-e
Check out the SuSE-FAQ at http://www.suse.com/Support/Doku/FAQ/ and the
archive at http://www.suse.com/Mailinglists/suse-linux-e/index.html
