[10556] in bugtraq
Source code IS available (Was: Re: Windump for Windows)
daemon@ATHENA.MIT.EDU (Ken Williams)
Fri May 14 13:59:35 1999
Message-Id: <Pine.SOL.4.05.9905141109480.28459-100000@ultra2-100lez.eos.ncsu.edu>
Date: Fri, 14 May 1999 11:19:03 -0400
Reply-To: Ken Williams <jkwilli2@UNITY.NCSU.EDU>
From: Ken Williams <jkwilli2@UNITY.NCSU.EDU>
X-To: Brett Glass <brett@LARIAT.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <4.2.0.37.19990512131419.04459e80@localhost>

On Wed, 12 May 1999, Brett Glass wrote:
> Date: Wed, 12 May 1999 13:15:51 -0600
> From: Brett Glass <brett@LARIAT.ORG>
> To: BUGTRAQ@netspace.org
> Subject: Re: Windump for Windows
>
> How do we know that this is not a remote sniffer? There's
> no source, so it's hard to tell without ANOTHER sniffer.
>
> --Brett Glass
>
> At 01:28 PM 5/11/99 -0700, Edward Gibbs wrote:
> >FYI...
> >
> >TCPdump is a network capture program developed by Network Research Group
> >(NRG) of the Information and Computing Sciences Division (ICSD) at Lawrence
> >Berkeley National Laboratory (LBNL) in Berkeley, California.
> >
> >Originally available only on UNIX platform, this is the porting on Windows
> >(95/98, NT 4.0). It consists in an executable (the windump main program)
> >with a network capture driver: both are specific for each platform.
> >
> >To download and install WinDump see:
> >
> >http://netgroup-serv.polito.it/tools/analyzer/Install/windump/
> >
> >Edward Gibbs, ed@iprg.nokia.com
> >Systems Engineer, Security Specialist
> >Nokia IP - http://www.iprg.nokia.com/
> >232 Java Drive, Sunnyvale, CA 94089 USA
> >Direct: 1-408-990-2187
> >Cellular: 1-408-504-4276
> >Fax: 1-408-743-5675
> >
> >perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
>

actually, the source code for all of the programs:
Analyzer.exe, packet95.exe, PacketNT.exe, WinDump.exe, WinDump95.exe
(plus libpcap, tcpslice, convdump, FlowsDet, query too)
can be found here:
http://netgroup-serv.polito.it/tools/analyzer/Install/bin/sources.zip

it's mirrored, of course, in the usual place too:
<http://packetstorm.genocide2600.com/>

take it easy,
Ken Williams
jkwilli2@csc.ncsu.edu
Packet Storm Security http://packetstorm.genocide2600.com/
Trinux: Linux Security Toolkit http://www.trinux.org/ ftp://ftp.trinux.org
PGP DH/DSS/RSA Public Keys http://packetstorm.genocide2600.com/pgpkey/
E.H.A.P. VP & Head of Operations http://www.ehap.org/ tattooman@ehap.org
NCSU Computer Science http://www.csc.ncsu.edu/ jkwilli2@csc.ncsu.edu
SHANG: Secure Highly Available Networking Group http://shang.csc.ncsu.edu/