Packet suckers?

[David Carmean <dlc () halibut com>]

Any of y'all running packet suckers outside your filters to see 
what the kidz are up to?  I've been playing with some patches 
Hobbit made to tcp_wrappers, which sends telnet escapes to ask for 
telnet environment variables, and various other strings to egg 
on other clients.

It's a little clunky to configure/use, though.  Wondering 
if there are other packet sinks/suckers around for research 
like this, or if most folks write their own?

I'm really not a programmer, but I'm contemplating trying to 
hack LaBrea to do this kind of stuff before it optionally 
tries to capture and hold the connection.

Thanks...



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com