Chapter 10. Writing Network Sniffers

An important function of many security tools is to capture network traffic and then either reassemble it or extract information from the packets flowing across the network. Common examples of such tools include password sniffers such as dsniff (http://monkey.org/~dugsong/dsniff/) and Ettercap (http://ettercap.sourceforge.net/), and diagnostic, troubleshooting, and monitoring tools such as ntop (http://www.ntop.org) and Snort (http://www.snort.org). This chapter provides a quick and practical introduction to packet capture using the commonly available libpcap library on wired and wireless networks, and is intended to accelerate and simplify the process of creating a packet-capturing tool.