Some common HTools (Tool 1)
From now on I'll be posting about some common tools I know...
The tools covered here will allow you to do packet crafting, packet sniffing, port binding, and other neat stuff. With that said, let's get on with it!
Sniffing packets
Being able to see and verify packets is a critical ability. This also applies when you are at home trying to understand a tool’s output, and it is just as important when you are trying to troubleshoot a problem on your network. So suffice it to say that you really must have a packet sniffer installed on your computer. I have said in the past that you really should simply install windump vice ethereal, for it forces you to become familiar with a packet’s contents. Safe to say I have not changed my opinion since then. Seeing as some of you may be installing these tools on Win XP SP2, I have tried to find tools that will work with it. I have not been entirely successful, so I would suggest you have as your test box either Windows 2000 Professional or Windows XP SP1. Sadly, with the release of SP2 a lot of raw socket functionality was broken. Some tools have been able to compensate for this and others have not.
With that said, let’s go and install a packet sniffer that I know works with XP SP2. Please download the tcpdump tool that we will install. The reason I suggest downloading this tool vice the actual windump.exe is that this version will work with XP SP2. I was unable to get windump.exe to work with XP SP2 and simply gave up, as I had found this fully functional alternative, which is pretty much exactly the same. Once downloaded, simply uncompress it and install it at the root of the C drive, i.e. C:\. You are now ready to sniff packets!

Figure 1
You will note in the screenshot above some sample syntax to invoke it, and what it looks like when running. Should you wish to learn more about using a packet sniffer like this one, simply read these articles. One last word on the use of packet sniffers: you should always have one up and running prior to playing with tools or exploit code. That way you can verify at the packet level any condition that occurred during your experimentation.
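To make the point about becoming familiar with a packet's contents concrete, here is an added example (not part of the original post) that decodes by hand the hex bytes `tcpdump -x` prints for one IPv4/TCP packet. The sample dump is constructed, and the `0x0000:` offset layout is assumed from current tcpdump builds, which may differ from the build shown in Figure 1.

```python
import socket
import struct

# Constructed sample (not from the original post): one TCP SYN in the hex
# layout `tcpdump -x` prints, starting at the IPv4 header.
SAMPLE_DUMP = """
    0x0000:  4500 0028 1c46 4000 4006 9b1b c0a8 010a
    0x0010:  c0a8 0114 0401 0050 0000 0064 0000 0000
    0x0020:  5002 2000 07bf 0000
"""
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 upward


def hexdump_to_bytes(dump):
    """Join the hex columns of every '0x....:' line into raw bytes."""
    raw = bytearray()
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("0x") and ":" in line:
            raw += bytes.fromhex(line.split(":", 1)[1].replace(" ", ""))
    return bytes(raw)


def ones_complement_sum(data):
    """RFC 1071 sum of 16-bit words; a valid IPv4 header gives 0xFFFF."""
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def decode_ipv4_tcp(pkt):
    """Decode the IPv4 header and, when present, the TCP header after it."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4  # header length in bytes
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("bad IPv4 header length")
    total_len, ttl, proto = struct.unpack("!2xH4xBB", pkt[:10])
    info = {
        "src": socket.inet_ntoa(pkt[12:16]),
        "dst": socket.inet_ntoa(pkt[16:20]),
        "ttl": ttl, "proto": proto, "total_len": total_len,
        "ip_checksum_ok": ones_complement_sum(pkt[:ihl]) == 0xFFFF,
    }
    if proto == 6 and len(pkt) >= ihl + 20:  # protocol 6 is TCP
        sport, dport, seq, ack, bits = struct.unpack("!HHIIH", pkt[ihl:ihl + 14])
        info.update(sport=sport, dport=dport, seq=seq, ack=ack,
                    flags=[n for i, n in enumerate(TCP_FLAGS) if bits >> i & 1])
    return info
```

Calling `decode_ipv4_tcp(hexdump_to_bytes(SAMPLE_DUMP))` returns the addresses, ports, TTL and flags of the sample SYN, which you can compare field by field against the raw hex.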
