Wednesday, May 23, 2012

Intruder Detection with tcpdump

Tcpdump is a widely used and powerful tool that captures, parses, and analyzes network traffic. Created by the Network Research Group at Lawrence Berkeley National Laboratory, Berkeley, California, tcpdump (http://www.tcpdump.org) is deployed with libpcap (a C/C++ library for network traffic capture) and maintained by the libpcap developers (http://sourceforge.net/projects/tcpdump/). With tcpdump, you can work through binary capture files that are too large to browse casually in a tool like Wireshark by whittling the file down to only the traffic pertinent to your investigation. Most distributions have tcpdump installed by default; if not, use your distro's package manager. The SourceForge link above has project information as well as the code.
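To show what "whittling a capture down" means at the byte level, here is an added example (not code from the original post or from the tcpdump project) that reads the libpcap file format tcpdump writes and keeps only the records matching a `host H and tcp port P` filter, the same reduction `tcpdump -r in.pcap -w out.pcap 'host H and tcp port P'` performs. It assumes a little-endian, microsecond-timestamp pcap containing Ethernet/IPv4/TCP frames; the sample capture and its addresses are constructed for the example.

```python
import socket
import struct

# Added example, not code from the original post: a minimal reader for the
# libpcap format that tcpdump writes, filtering to one host and TCP port.
# Assumes little-endian, microsecond-timestamp pcap with Ethernet frames.
PCAP_GLOBAL_HDR = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)

def tcp_frame(src: str, dst: str, sport: int, dport: int) -> bytes:
    """Constructed Ethernet/IPv4/TCP SYN frame; checksums left at zero."""
    eth = b"\x00" * 12 + b"\x08\x00"  # zero MACs, ethertype IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
    return eth + ip + tcp

def pcap_file(frames) -> bytes:
    """Global header plus one 16-byte record header (ts_sec, ts_usec, incl, orig) per frame."""
    recs = (struct.pack("<IIII", i, 0, len(f), len(f)) + f for i, f in enumerate(frames))
    return PCAP_GLOBAL_HDR + b"".join(recs)

def iter_records(data: bytes):
    """Yield (record_header, frame) pairs; incl_len says how many frame bytes follow."""
    if struct.unpack("<I", data[:4])[0] != 0xA1B2C3D4:
        raise ValueError("only little-endian microsecond pcap is handled here")
    off = 24
    while off + 16 <= len(data):
        hdr = data[off:off + 16]
        incl_len = struct.unpack("<I", hdr[8:12])[0]
        yield hdr, data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len

def matches(frame: bytes, host: str, port: int) -> bool:
    """Equivalent of the BPF filter 'host H and tcp port P' for an IPv4/TCP frame."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        return False  # not IPv4 over Ethernet, or not TCP
    ihl = (frame[14] & 0x0F) * 4
    addrs = {socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])}
    sport, dport = struct.unpack("!HH", frame[14 + ihl:14 + ihl + 4])
    return host in addrs and port in (sport, dport)

def whittle(data: bytes, host: str, port: int) -> bytes:
    """New pcap with the same global header and only the records that match."""
    kept = [h + f for h, f in iter_records(data) if matches(f, host, port)]
    return data[:24] + b"".join(kept)

# Constructed capture: SSH between 10.0.0.5 and 192.0.2.10, plus unrelated HTTP.
SAMPLE = pcap_file([tcp_frame("10.0.0.5", "192.0.2.10", 40000, 22),
                    tcp_frame("10.0.0.7", "192.0.2.10", 40001, 80),
                    tcp_frame("192.0.2.10", "10.0.0.5", 22, 40000)])
```

Running `whittle(SAMPLE, "10.0.0.5", 22)` keeps both directions of the SSH conversation and drops the HTTP record, so the reduced file can be opened in Wireshark or re-read with `tcpdump -r`.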

DIGITAL JUICE
