GregLand Valued Contributor


Joined: 15 Jun 2004 Posts: 212 Location: FRANCE
Posted: Thu Nov 11, 2004 2:25 am Post subject: Port Sniffer
Hello everybody
I would like to know if it is possible to make a sniffer for my LAN...
(It's a program which makes it possible to recover the data which are transmitted on a network?) Preferably with a freeware extension...
I don't know if it's possible and I don't know at all how to make one.
Thanks a lot for your answer!
PS: Sorry for my poor English
jules Professional Member


Joined: 14 Sep 2001 Posts: 1043 Location: Cumbria, UK
Posted: Thu Nov 11, 2004 9:12 am Post subject:
Network sniffers are all very expensive, which is probably a reflection of how complex they are to develop. Mostly they require special drivers to be installed. Drivers are hard to develop in any language, and certainly not possible in VDS. There are some that don't seem to require drivers, but can interface directly with certain makes of network card. In theory, you could write a VDS extension to do the same, which would allow you to display or analyze the results using VDS. But it would still be very hard.
_________________
The Tech Pro
www.tech-pro.net
GregLand Valued Contributor


Joined: 15 Jun 2004 Posts: 212 Location: FRANCE
Posted: Thu Nov 11, 2004 12:30 pm Post subject:
I understand... I understand... What a pity...
Thank you anyway for your response... But if someone has an idea (even small), do not hesitate!
FreezingFire Admin Team

Joined: 23 Jun 2002 Posts: 3508
Posted: Thu Nov 11, 2004 4:25 pm Post subject:
Are you talking about a packet sniffer?
_________________
FreezingFire
VDSWORLD.com
Site Admin Team
PGWARE Web Host

Joined: 29 Dec 2001 Posts: 1566
Posted: Thu Nov 11, 2004 4:46 pm Post subject:
Take a look at WinPcap: http://winpcap.polito.it/
It's a free network packet capture and analysis library; and you can include it with any programs you make.
It may be possible to use it with the vds dll load and unload commands but probably much more difficult. I would really suggest using VB or DELPHI when working with an extension this extensive.
It will require a lot of work either way even with this set of libraries.
GregLand Valued Contributor


Joined: 15 Jun 2004 Posts: 212 Location: FRANCE
Posted: Thu Nov 11, 2004 7:49 pm Post subject:
Very good! Thanks...
I'm going to try it!
If someone has an idea... no problem... it was going to be difficult for me...
webdaddy Contributor


Joined: 14 Nov 2004 Posts: 151 Location: Raleigh NC
Posted: Fri Jul 22, 2005 1:47 pm Post subject: Packet Sniffing
Another method that I am using is to use a binary compiled for windows of TCP dump and then analyze that with VDS. You can also hide a larger packet sniffer such as Ethereal to accomplish the same thing. As long as the output is consistent it can be analyzed by your VDS application.
A while back I was looking at writing my own IDS and ran into the same issues the guys here are talking about. My solution was to use tcpdump (DOS command line) and use with runh command in VDS and use VDS to control it and then process the output in VDS. Worked like a champ.
_________________
K Wetzel
Programming - Technology - Communications
"The Home of the SLC Security Console"
SLC now available for Linux...
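An added example, not code from any poster in this thread: the "process the tcpdump output" step for an IDS-style check, written in Python because the thread posts no VDS code. It assumes the text format printed by `tcpdump -n -tt` for IPv4 TCP; the function names, the sample lines and the thresholds are constructed for illustration.

```python
import re
from collections import defaultdict

# IPv4 TCP lines in the text format of `tcpdump -n -tt` (assumed format; other
# protocols and differently formatted lines are skipped).
LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+) IP "
    r"(?P<src>\d+(?:\.\d+){3})\.\d+ > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]*)\]"
)

def parse_line(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {"ts": float(m["ts"]), "src": m["src"], "dst": m["dst"],
            "dport": int(m["dport"]), "flags": m["flags"]}

def find_port_sweeps(lines, min_ports=4, window=5.0):
    """Map (src, dst) to the ports hit when src sent bare SYNs to at least
    min_ports distinct ports on dst within `window` seconds."""
    syns = defaultdict(list)
    for line in lines:
        pkt = parse_line(line)
        if pkt and pkt["flags"] == "S":  # SYN only, not SYN-ACK ("S.")
            syns[(pkt["src"], pkt["dst"])].append((pkt["ts"], pkt["dport"]))
    alerts = {}
    for key, events in syns.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            ports = {port for _, port in events[start:end + 1]}
            if len(ports) >= min_ports:
                alerts[key] = sorted(ports)
                break
    return alerts

# Constructed sample capture (documentation addresses, not real traffic).
SAMPLE = """\
1121968020.100000 IP 192.0.2.50.40001 > 192.0.2.10.21: Flags [S], seq 100, win 1024, length 0
1121968020.200000 IP 192.0.2.50.40002 > 192.0.2.10.22: Flags [S], seq 101, win 1024, length 0
1121968020.300000 IP 192.0.2.50.40003 > 192.0.2.10.23: Flags [S], seq 102, win 1024, length 0
1121968020.400000 IP 192.0.2.50.40004 > 192.0.2.10.25: Flags [S], seq 103, win 1024, length 0
1121968021.010000 IP 192.0.2.10.80 > 192.0.2.77.50000: Flags [S.], seq 900, ack 501, win 65535, length 0
1121968021.500000 ARP, Request who-has 192.0.2.1 tell 192.0.2.77, length 28
""".splitlines()
```

Lines that do not match the expected format are skipped rather than guessed at, which is why the approach depends on the capture tool's output staying consistent.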
webdaddy Contributor


Joined: 14 Nov 2004 Posts: 151 Location: Raleigh NC
Posted: Sun Nov 20, 2005 8:09 am Post subject: Also
I also did a sniffer in VDS using netcat and calling it from VDS and hiding it with RUNH. You have to make sure you have WinPCap installed to do it with netcat but it does work. Hope that helps. Depends on what you really are looking to capture. There are many ways to do it. Why reinvent the wheel here?
_________________
K Wetzel
Programming - Technology - Communications
"The Home of the SLC Security Console"
SLC now available for Linux...