Re: Sniffering tool.

From: Matthew R. Potter (mpotter@atpco.com)
Date: 11/22/01


Message-Id: <3.0.6.32.20011122214306.00ae40f8@access.atpco.com>
Date: Thu, 22 Nov 2001 21:43:06
To: focus-sun@securityfocus.com
From: "Matthew R. Potter" <mpotter@atpco.com>
Subject: Re: Sniffering tool.


Snoop comes with Solaris.

tcpdump (www.tcpdump.org), snort (www.clark.net/~roesch/secold.html),
ethereal... You'll need libpcap for either. You need to d/l a precompiled
version or build it yourself, which is as easy as

./configure ; make install

For ethereal I think you need some GTK libs, and anything GTK requires.
At www.ethereal.com they have dependency/requirements info.

Matt

P.S. www.snort.org seems to not work... hmmm


