WinPcap 3.0 supports remote capture

[Richard Bejtlich <richard_bejtlich () yahoo com>]

Yesterday I mentioned SVtun
(http://www.cs.tau.ac.il/~nnavi/vtun/) for capturing
packets on one Linux device and analyzing them on a
separate Linux device, in response to a question on
doing the same with Windows and Linux.  It appears
that WinPcap 3.0, released 10 Apr 03 and updated to
3.01 alpha on 13 Jun, supports this experimentally. 
> From the documentation
(http://winpcap.polito.it/docs/man/html/group__remote__help.html):

"This is an highly experimental feature that allows
[you to] interact [with] a remote machine and capture
packets that are being transmitted on the remote
network. This requires a remote daemon (called rpcapd)
which performs the capture and sends data back and a
local client that sends the appropriate commands and
receives the captured data." What is even cooler --
"The [Remote] daemon [rpcapd] can be compiled and it
is actually working on Linux as well." 

Sincerely,

Richard Bejtlich
richard at taosecurity dot com
http://taosecurity.com

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com


-------------------------------------------------------
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users