Setting up a sniffing environment to look at packets transferred from my windows comp?

Ok first of all I must say that I'm a total newbie to linux, I installed it today to learn how it works since I will study it soon. Anyway I wanted to install a program on my computer today and it says I have to set up a sniffing environment to analyse the packets that my windows computer is sending and receiving with my linux box. My computers are connected to the internet with a router. I don't know what I have to do so I don't know if you'd need more information..
Anyway if someone could assist me to do that and maybe to install the program that requires this sniffing environment I'd really appreciate it. You can contact me with ICQ (9607973) or MSN (shurik_n@hotmail.com). I know it's kinda funny posting a microsoft email but that's all I have for now ; ) Thanks a lot to those who would help

try tcpdump
check this out man tcpdump

there is also sniff, snort, and nc

hmm and that means?
as I said I just started using linux :(

Here is what the installation file says:

============================
Verifying your network setup
============================

You need to set up a sniffing environment. How to do that is beyond the scope of this simple INSTALL file, but look around the net; there are many guides.

To verify that your sniffing setup is correct, run the following command on your would-be EX box WHILE playing DAoC:

    tcpdump -n host <IP of your Windows Machine playing DAoC>

You should (hopefully) see two-way traffic, that is traffic both to AND from your windows machine. If you don't, you don't have a sniffing setup, and you should fix that first.

I hope it can help. I did the cmd they are saying and nothing happened, so I guess I'd have to do something before trying to sniff my windows box.. Thanks for the help

so where are you having problems
do you know the ip address that you are supposed to use? please give more details of the problem. this is the command, with the exception that the ip address may be incorrect:

    tcpdump -n host 192.168.0.1

also you can run tcpdump like this to see traffic

    tcpdump

I'm having a problem with when they say set up a sniffing environment, all I have to do is type this command and let it run?

that's right
it's pretty much foolproof if you have a nic and it's set up for your network. It looks like they are wanting you to verify that it's just seeing packets from the machine. typing this command...

    tcpdump

will display the packet headers, and if you know the ip address of the windows machine you can look for it in the output to verify that it's sending packets across the network. If you install sniff you can use it to format the output of tcpdump like this:

    sniff -c -- -i eth0 > filename

the last part, > filename, will output it to the file "filename" so you can read the file later. If you want it to show on the screen leave it off, but it will be going too fast to read. See the output of

    sniff -h

for details

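Added example, not part of the thread or of the INSTALL file: a small shell helper that reads `tcpdump -n` text output and reports whether packets were seen both from and to one host, which is the two-way check the INSTALL text asks for. The function names `two_way_report` and `sample_capture` are hypothetical, the sample lines are constructed, and only IPv4 lines in the usual `IP src.port > dst.port:` layout are counted.

```shell
#!/bin/sh
# Live use on the Linux box (stops after 200 packets):
#   tcpdump -n -c 200 host 192.168.0.1 | two_way_report 192.168.0.1

# Count packets sent by and received by host $1 in `tcpdump -n` output on stdin.
two_way_report() {
    awk -v host="$1" '
    # Drop the trailing ":" and the ".port" suffix from an IPv4 endpoint.
    function addr(s,   p, n) {
        sub(/:$/, "", s)
        n = split(s, p, ".")
        return (n >= 5) ? p[1] "." p[2] "." p[3] "." p[4] : s
    }
    {
        # Find the "IP <src> > <dst>:" triple; ARP and IP6 lines do not match.
        for (i = 1; i <= NF - 3; i++) {
            if ($i == "IP" && $(i + 2) == ">") {
                if (addr($(i + 1)) == host) sent++
                if (addr($(i + 3)) == host) rcvd++
                break
            }
        }
    }
    END {
        if (sent > 0 && rcvd > 0) verdict = "two-way"
        else if (sent + rcvd > 0) verdict = "one-way"
        else                      verdict = "none"
        printf "sent=%d rcvd=%d verdict=%s\n", sent, rcvd, verdict
    }'
}

# Constructed sample capture (not real traffic) for an offline run.
sample_capture() {
    cat <<'EOF'
09:21:03.100001 IP 192.168.0.1.1069 > 203.0.113.10.10622: Flags [P.], seq 1:40, ack 1, win 8760, length 39
09:21:03.180442 IP 203.0.113.10.10622 > 192.168.0.1.1069: Flags [.], ack 40, win 5840, length 0
09:21:03.200000 IP 192.168.0.10.1200 > 203.0.113.10.80: Flags [S], seq 0, win 8192, length 0
09:21:03.300000 ARP, Request who-has 192.168.0.1 tell 192.168.0.254, length 28
09:21:03.400000 IP 192.168.0.1 > 192.168.0.254: ICMP echo request, id 1, seq 1, length 64
EOF
}

sample_capture | two_way_report 192.168.0.1
```

A verdict of "none" matches the "nothing happened" case reported earlier in the thread: the Linux box's interface is not receiving any of the Windows machine's packets.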
ok I will try it :)
Thanks a lot!