Using Tcpdump and Tethereal to capture packets
Hi,
I am trying to capture network packets using tcpdump and tethereal. I want to make an application that records the packets to detect attack signatures. Can anyone tell me how to do it in a simple way.... Like how to detect a Neptune (SYN flood) attack.... I really need help for my work here.... ~Shanu
Why recreate the wheel, when there's Snort?
hi
Hi,
I need this for my research.... trying to incorporate a few more features..... Can you tell me how to compare the captured packets from Ethereal or tcpdump to detect signatures.... Regards, ~Shanu
If you want to implement it in your research, you need to program using the PCAP library. Just google PCAP and you will find tons of tutorials on how to do it. PCAP will give you the opportunity to access every packet passing through the interface, and you need to extract the interesting features you want. It is easy to do. There are also wrappers for Python and Perl available if you want to start quickly.
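A worked example of what this reply describes, added here and not part of the thread or any poster's code: a pure-Python parser for Ethernet/IPv4/TCP headers and a sliding-window counter that flags a Neptune-style SYN flood, i.e. a burst of SYN segments to one destination socket that never complete the handshake. Instead of reading from a live interface through a PCAP wrapper, the frames are constructed inline with `struct` so the script runs offline; the addresses, ports and the 100-SYNs-per-second threshold are assumptions chosen for the demonstration. With a PCAP binding, the bytes handed to `observe()` would come from the capture callback instead.

```python
import socket
import struct
from collections import defaultdict, deque

ETH_LEN = 14
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6
TCP_SYN = 0x02
TCP_ACK = 0x10


def build_frame(src_ip, dst_ip, src_port, dst_port, flags):
    """Assemble a minimal Ethernet/IPv4/TCP frame. Used only to fabricate
    sample input for this example; a real tool gets these bytes from pcap."""
    eth = bytes(12) + struct.pack("!H", ETHERTYPE_IPV4)      # zero MACs + ethertype
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, IPPROTO_TCP, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, 5 << 4, flags,
                      65535, 0, 0)
    return eth + ip + tcp


def parse_frame(raw):
    """Extract the fields a SYN-flood check needs from a raw Ethernet frame.
    Returns None for anything that is not IPv4/TCP or is truncated."""
    if len(raw) < ETH_LEN + 20:
        return None
    if struct.unpack("!H", raw[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ip = raw[ETH_LEN:]
    ihl = (ip[0] & 0x0F) * 4                      # header length honours IP options
    if ihl < 20 or ip[9] != IPPROTO_TCP or len(ip) < ihl + 20:
        return None
    tcp = ip[ihl:]
    src_port, dst_port = struct.unpack("!HH", tcp[0:4])
    return {
        "src": socket.inet_ntoa(ip[12:16]),
        "dst": socket.inet_ntoa(ip[16:20]),
        "sport": src_port,
        "dport": dst_port,
        "flags": tcp[13],
    }


class SynFloodDetector:
    """Count pure SYNs (SYN set, ACK clear) per destination socket inside a
    sliding time window. A burst above the threshold is the on-the-wire
    signature of a Neptune-style flood: many half-open connection attempts,
    typically from many (often spoofed) sources."""

    def __init__(self, window_seconds=1.0, threshold=100):
        self.window = window_seconds
        self.threshold = threshold
        self.syns = defaultdict(deque)   # (dst_ip, dst_port) -> deque of (ts, src_ip)

    def observe(self, ts, raw):
        pkt = parse_frame(raw)
        if pkt is None or not (pkt["flags"] & TCP_SYN) or pkt["flags"] & TCP_ACK:
            return None                  # not a connection attempt; SYN-ACKs are ignored
        key = (pkt["dst"], pkt["dport"])
        q = self.syns[key]
        q.append((ts, pkt["src"]))
        while q and ts - q[0][0] > self.window:
            q.popleft()                  # drop SYNs that fell out of the window
        if len(q) >= self.threshold:
            return {"target": key, "syns": len(q),
                    "distinct_sources": len({src for _, src in q})}
        return None


def run_sample():
    """Replay constructed traffic: one normal handshake, then a SYN burst.
    Returns the list of alerts raised (one per packet over the threshold)."""
    det = SynFloodDetector(window_seconds=1.0, threshold=100)
    alerts = []
    # Legitimate three-way handshake (constructed addresses from RFC 5737 ranges).
    for ts, frame in [
        (0.00, build_frame("192.0.2.10", "198.51.100.5", 40000, 80, TCP_SYN)),
        (0.01, build_frame("198.51.100.5", "192.0.2.10", 80, 40000, TCP_SYN | TCP_ACK)),
        (0.02, build_frame("192.0.2.10", "198.51.100.5", 40000, 80, TCP_ACK)),
    ]:
        alert = det.observe(ts, frame)
        if alert:
            alerts.append(alert)
    # 150 SYNs from 150 different constructed sources in 0.75 s, none answered.
    for i in range(150):
        frame = build_frame("203.0.113.%d" % (i + 1), "198.51.100.5", 50000 + i, 80, TCP_SYN)
        alert = det.observe(5.0 + i * 0.005, frame)
        if alert:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in run_sample()[:1]:
        print("SYN flood suspected against %s:%d: %d SYNs from %d sources in window"
              % (a["target"][0], a["target"][1], a["syns"], a["distinct_sources"]))
```

The handshake produces no alert because its single SYN is followed by a SYN-ACK and ACK, which the detector does not count; the burst trips the threshold on its 100th SYN and keeps alerting for every packet after that, which is why a production version would rate-limit the alert per target. Tuning the window and threshold to the host's normal connection rate is the part that decides the false-positive rate.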