Firewall Wizards mailing list archives
Re: tcpdump for NT
From: "Ryan Russell" <ryanr () sybase com>
Date: Fri, 9 Oct 1998 09:37:02 -0700
The shareware version of L0phtcrack has a promiscuous mode packet capture tool. A similar one is available in the pre-release versions of Asmodeus, which might still be available. Neither of those has decodes anywhere close to tcpdump or snoop or commercial tools. You do get the raw packets, though. Perhaps you could make your own decode module if you're trying to monitor something in particular, or find a way to convert it so tcpdump or snoop would decode it after the fact.

Available for Win9x (not NT) is Buttsniffer, which is interesting. It has a reasonable vt telnet decode.

You can find links to L0phtcrack and Buttsniffer on http://www.l0pht.com. Asmodeus used to be available at http://www.asmodeus.com, which now forwards to the company that acquired the rights to Asmodeus, but the new version doesn't seem to be there; you can poke around.

From speaking with Mudge and Greg, their sniffers were done from sample code out of the DDK, and in fact were compatible with each other.

Ryan

does anyone know of a tcpdump utility for NT (freeware)?