> I want to add a feature where someone can connect and use a > network-interface of a remote computer to capture data. As ronnie > sahlberg has already pointed out in the ethereal list, > authentication and athoriztion should be one of the topics there. For > sure the will be several more issues. > If there is already a proposal regarding such an feature, it would be > nice to get some documents, otherwise I will start with it and will put > it on the list for further discussions.
I have code which does this already for wireless (sending a modified pcap stream basically). Wrapping it in SSL would be trivial (already on the list of stuff to support). Moving this to pure pcap would also be trivial. This seems more application layer than pcap layer -- by the time you're talking about remote sniffing and shipping the data over a network, you're not talking about needing super-timestamping or many of the other stuff recently discussed. You can snag the code out of Kismet, it's primarily in the 'kismet_drone' segment. The network stack is actually being rewritten but I haven't ported the drone to the new code, but take a look if you feel like it. http://www.kismetwireless.net it's all GPL so knock yourself out, tho I'd be curious to hear what you do with it if you use it. -m -- "If I must be lonely, I think I'd rather be alone." -- "Save Yourself", Stabbing Westward
pgpJHiXeopDok.pgp
Description: PGP signature
