Guest Lin77 Posted February 10, 2003
I was just curious if there's something that can read everything in a sent packet from a local machine. I'm really just trying to find out what all outgoing traffic is going to and monitor activity. Basically, I'll need something as comprehensive as possible to monitor outgoing traffic.

Counterspy Posted February 10, 2003
There is a packet sniffer called Ethereal on one of the disks. If not on any of the first three, then it will be on contribs. You should be able to download it from a Mandrake mirror or find it with rpmfind or the new kid on the block, rpmseek, if you don't have Powerpack. It will require at least one dependency, libpcap, and maybe one other. Getting meaningful information from it is a daunting task, but it has extremely thorough docs. There are literally a hundred or so packet types described in detail, so be judicious if you decide to print them. IIRC, the manual is in PDF form, but it's been a while and I stopped printing before all of the packet descriptions were finished.
Counterspy

Guest anon Posted February 10, 2003
It's available on our own site: ftp://ftp.mandrakeusers.com/pub/Mandrake-...6-2mdk.i586.rpm

Guest Lin77 Posted February 10, 2003
Thanks for the info, but the libcap depend is giving me trouble. I haven't been able to find it anywhere; can't even find the source for it.

Cannonfodder Posted February 10, 2003
Libcap at rpmfind.net http://www.rpmfind.net/linux/rpm2html/sear...ubmit=Search+...

Guest Lin77 Posted February 10, 2003
Hmm... I've already tried those. It's the wrong one. It needs libcap.so.0. Thanks though. Has anyone here used Ethereal with MDK9.0?

paul Posted February 10, 2003
yep ... I just installed it 5 minutes ago, and libpcap and libsnmp are on the CDs

Guest Lin77 Posted February 10, 2003
Grr... no wonder. I was doing a search for strictly libcap. Libpcap does provide the right one. It's working now. Thanks.

paul Posted February 11, 2003
:lol: damn typos!!!!

Guest LinuxExplorer Posted February 11, 2003
Works like a charm. I have to either restrict the packet size or remember to stop logging so as to not make the actual log too large now.
Edit: I've been monitoring the actual traffic and nothing suspicious seems to be happening. I wasn't so sure since I've been installing so many different software packages. Now I can sleep more soundly knowing I can see what's going on this end. :D
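
An added example, not written by any poster in this thread: a Python sketch that reads a classic libpcap capture file (the format Ethereal saves through libpcap) and totals one host's outgoing traffic per destination, using each record's original length so the totals stay accurate when the stored packet size is restricted. The addresses, function names and the sample capture are constructed for illustration.

```python
import socket
import struct

LOCAL = "192.168.1.10"          # constructed address of the monitored machine
PROTO = {6: "tcp", 17: "udp"}   # IP protocol numbers that carry ports

def build_sample_pcap(snaplen=64):
    """Constructed capture: libpcap file with four simplified Ethernet/IPv4 frames."""
    def frame(src, dst, proto, sport, dport, payload_len):
        l4 = struct.pack("!HH", sport, dport) + b"\x00" * payload_len  # ports + filler
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        return b"\x00" * 12 + b"\x08\x00" + ip + l4  # zeroed MACs, EtherType IPv4
    frames = [frame(LOCAL, "203.0.113.5", 6, 40000, 80, 500),
              frame(LOCAL, "203.0.113.5", 6, 40000, 80, 100),
              frame(LOCAL, "198.51.100.7", 17, 40001, 53, 30),
              frame("203.0.113.5", LOCAL, 6, 80, 40000, 1000)]  # inbound reply
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)  # file header
    for ts, f in enumerate(frames):
        cap = f[:snaplen]  # what a size-restricted capture actually stores
        out += struct.pack("<IIII", ts, 0, len(cap), len(f)) + cap
    return out

def outgoing_summary(pcap, local_ip):
    """Map (dst_ip, proto, dst_port) -> [packets, bytes on the wire] sent by local_ip."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic libpcap capture file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    flows, off = {}, 24
    while off + 16 <= len(pcap):
        _, _, incl, orig = struct.unpack(endian + "IIII", pcap[off:off + 16])
        data = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(data) < 34 or data[12:14] != b"\x08\x00":
            continue  # not IPv4, or cut off before the IP addresses
        if socket.inet_ntoa(data[26:30]) != local_ip:
            continue  # inbound packet or another host's traffic
        proto, l4 = data[23], 14 + (data[14] & 0x0F) * 4
        has_ports = proto in PROTO and len(data) >= l4 + 4
        port = struct.unpack("!H", data[l4 + 2:l4 + 4])[0] if has_ports else None
        key = (socket.inet_ntoa(data[30:34]), PROTO.get(proto, str(proto)), port)
        stats = flows.setdefault(key, [0, 0])
        stats[0] += 1
        stats[1] += orig  # orig_len: full size even when the stored copy is truncated
    return flows

if __name__ == "__main__":
    print(outgoing_summary(build_sample_pcap(), LOCAL))
```

A capture limit that cuts into the IP header makes the packets unattributable, so the limit has to leave at least the link, IP and port bytes intact.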