[TOOL] RPCAP, Remote Packet Capture System

From: support@securiteam.com
Date: 10/22/02

• Previous message: support@securiteam.com: "[EXPL] Sendmail Local Exploit Code (GDB support)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: support@securiteam.com
To: list@securiteam.com
Date: 22 Oct 2002 12:00:52 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  RPCAP, Remote Packet Capture System
------------------------------------------------------------------------

DETAILS

RPCAP is a Remote Packet Capture system. It enables you to run a packet
capture program (the server) on a target computer, which will sniff the
network traffic on that system, and uplink the captured packets to another
host (the client), where the captured packets can be processed, analyzed
and archived. The rpcap system thus consists of two separate processes,
the server (or agent) which captures network traffic on a remote system,
and a client, which receives and processes these packets. The server code
is a standalone executable program which uses the libpcap packet capture
library to capture network traffic. The client is a library called
librpcap, which is linked to a user program and used on the client system
in a manner identical to libpcap, to receive and process the captured
packets.

ADDITIONAL INFORMATION

The tool can be downloaded from:
 <http://rpcap.sourceforge.net/> http://rpcap.sourceforge.net/

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

---

• Previous message: support@securiteam.com: "[EXPL] Sendmail Local Exploit Code (GDB support)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: newbie question about snoop ... > are you able to run snoop on server A, and capture packets between B ... Otherwise you only see MAC layer broadcast or unsteered ... (comp.unix.solaris) Re: telnet port 25 ... In addition to what Bharat said, you might also try using a network sniffer, ... With such a capture, you can see what's happening on the ... Something between the client and the server. ... (microsoft.public.exchange.connectivity) RE: Long Delays Interacting With Server ... you should capture at both points and compare to make sure there is no ... I assume the client here is asking for more data and the server is sending ... Would the 20 second timeout likely be ... (microsoft.public.windows.server.networking) Re: Embed Mplayer into Web page. ... the client side. ... I used Gadwin to capture a frame from one of my videos playing from my ... turned the FTP client off and went back to the web page from which I ... capture on the server. ... (alt.html) Re: form closing ... add code in the client side unload to notify the server (this requires an ... -- bruce ... >> You can use the onbeforeunload event of the body element to capture this ... >> client side. ... (microsoft.public.dotnet.framework.aspnet)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)