[10390] in bugtraq
Re: X-based sniffer-netxmon
daemon@ATHENA.MIT.EDU (route@RESENTMENT.INFONEXUS.COM)
Thu Apr 29 18:05:22 1999
Message-Id: <19990429184415.1646.qmail@resentment.infonexus.com>
Date: Thu, 29 Apr 1999 11:44:15 -0700
Reply-To: route@RESENTMENT.INFONEXUS.COM
From: route@RESENTMENT.INFONEXUS.COM
X-To: zhang@PUBLIC.BJNET.EDU.CN
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19990429084829Z38804-2187+196@brimstone.netspace.org> from Zhang
Qianli at "Apr 29, 99 08:48:02 am"
{Zhang Qianli}
> When I first saw the software ttywatcher, I wondered why not change it
> into an X-interfaced sniffer. This thought has proved not as easy as I had
> thought. And after about several months' work, at last the netxmon came into
> being.
Ethereal, http://ethereal.zing.org, is a stable portable network
traffic analyzer running on top of tcpdump that sports a nice GTK-based
interface.
Oh yah. Use libnet. http://www.packetfactory.net/libnet
--
libnet_build_ethernet(de, se, 0x0800, NULL, 0, buf);
libnet_build_ip(0x14, 0, 1, 0, 1, 6, si, di, NULL, 0, buf + 0xe);
libnet_build_tcp(sp, dp, 1, 2, 2, 0xffff, 0, NULL, 0, buf + 0x14 + 0xe);