
Mark D. Spivey

"Practical Hacking Techniques and Countermeasures"

The expressions are plentiful and are covered in Appendix B.
228  Practical Hacking Techniques and Countermeasures
Another useful feature of Tcpdump is the ability to save the output to a
log file and the ability to search from the saved file instead of the live data.
To save the output to a file instead of displaying it on the screen use the
following syntax:
tcpdump -w
To read captured Tcpdump files use the following syntax:
tcpdump -r
As with output to the screen, you have granular control over the results read
from the file by using the same expressions described above.
*Note: I highly recommend the use of Tcpdump as it offers a pretty good set of
expressions to filter to the desired results and it is a very proven application.
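An added example, not from the book, showing what the two commands above actually handle on disk: a minimal writer and reader for the libpcap file layout that tcpdump -w produces and tcpdump -r consumes, plus a simplified "host X and port N" expression applied to the saved records. The frames, IP addresses, ports and temporary file path are constructed for the demonstration.

```python
import os, socket, struct, tempfile

PCAP_MAGIC = 0xA1B2C3D4      # native (little-endian) magic, microsecond timestamps
LINKTYPE_ETHERNET = 1

def write_pcap(path, packets, snaplen=65535):
    """packets: [(ts_sec, ts_usec, frame_bytes)] written in the layout tcpdump -w uses."""
    with open(path, "wb") as f:
        f.write(struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, LINKTYPE_ETHERNET))
        for sec, usec, frame in packets:
            f.write(struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame)

def read_pcap(path):
    """Return [(ts_sec, ts_usec, frame)] from a saved file, as tcpdump -r would."""
    records = []
    with open(path, "rb") as f:
        magic, _, _, _, _, _, linktype = struct.unpack("<IHHiIII", f.read(24))
        if magic != PCAP_MAGIC or linktype != LINKTYPE_ETHERNET:
            raise ValueError("not a little-endian Ethernet pcap file")
        while len(hdr := f.read(16)) == 16:           # per-record header
            sec, usec, incl, _orig = struct.unpack("<IIII", hdr)
            records.append((sec, usec, f.read(incl)))
    return records

def udp_frame(src_ip, dst_ip, sport, dport, payload=b""):
    """Constructed Ethernet/IPv4/UDP frame for the demo (checksums left at zero)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, 17, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + udp
    return b"\x00" * 12 + b"\x08\x00" + ip            # zero MACs, EtherType IPv4

def matches(frame, host=None, port=None):
    """Simplified 'host X and port N' expression evaluated against one saved frame."""
    if frame[12:14] != b"\x08\x00" or frame[23] != 17:  # IPv4 over Ethernet, UDP only
        return False
    src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
    sport, dport = struct.unpack("!HH", frame[34:38])
    return host in (None, src, dst) and port in (None, sport, dport)

def demo(path=None):
    """Save three constructed frames, then filter the file like tcpdump -r with an expression."""
    path = path or os.path.join(tempfile.gettempdir(), "tcpdump_demo.pcap")
    write_pcap(path, [(1, 0, udp_frame("10.0.0.5", "10.0.0.53", 40000, 53, b"dns?")),
                      (1, 500, udp_frame("10.0.0.5", "10.0.0.7", 40001, 161, b"snmp")),
                      (2, 0, udp_frame("10.0.0.9", "10.0.0.53", 40002, 53, b"dns?"))])
    saved = read_pcap(path)
    dns = [r for r in saved if matches(r[2], port=53)]
    from_host = [r for r in saved if matches(r[2], host="10.0.0.5")]
    return len(saved), len(dns), len(from_host)
```

A file written this way opens in tcpdump -r (and WinDump -r) directly, which is a quick way to confirm the layout.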
Lab 44: Packet Capture - Sniffer
Exploit Data from Network Traffic: WinDump
Prerequisites: WinPcap
Countermeasures: Encryption, various sniffer detector applications
Description: WinDump is the Windows version of Tcpdump (refer to
Lab 43). It is a command-line utility that allows for the capturing of
network traffic. The output can be saved to a file for diagnoses and it
is able to run under all versions of Windows 95 and up.
*Note: WinDump 3.6.2 and older require WinPcap 2.3 and WinDump version 3.8
alpha requires WinPcap 3.0.
Procedure: From the directory containing the WinDump application execute
against the target with the syntax of:
windump
The WinDump application will "sniff" the network and capture any data
destined to or from the computer doing the sniffing.