Problem: You want to watch network traffic, searching for strings in the transmitted data
Solution: Use ngrep
To search for packets containing data that matches a regular expression and protocols that match a filter expression:
# ngrep [grep-options] regular-expression [filter-expression]
To search instead for a sequence of binary data:
# ngrep -X hexadecimal-digits [filter-expression]
To sniff packets and save them in a file:
# ngrep -O filename [-n count] [-d interface] [-s snap-length] regular-expression [filter-expression]
To read and display the saved network trace data:
# ngrep -I filename regular-expression [filter-expression]
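A worked run of the capture-then-search steps above, as an added example that is not part of the original post: it saves up to 200 packets with -O, then searches the saved trace with -I, once as text and once as hex via -X. The interface, trace path, search string, the -q and -i display options and the helper names (to_hex, valid_hex, trace_search) are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. File name, packet count and
# helper names are assumptions chosen for illustration.

# Convert a literal byte string into the hexadecimal-digits form used with -X.
to_hex() {
    printf '%s' "$1" | od -An -tx1 | tr -d ' \t\n'
}

# Accept only a non-empty, even-length run of hex digits (optional 0x prefix).
valid_hex() {
    h=${1#0x}
    case $h in
        ''|*[!0-9A-Fa-f]*) return 1 ;;
    esac
    [ $(( ${#h} % 2 )) -eq 0 ]
}

# Capture once with -O, then search the saved trace offline with -I.
# usage: trace_search <interface> <needle> [filter-expression]
trace_search() {
    iface=$1 needle=$2 filter=${3:-tcp}
    trace=${TRACE:-/tmp/ngrep-trace.pcap}
    hex=$(to_hex "$needle")
    valid_hex "$hex" || { echo "bad hex pattern: $hex" >&2; return 1; }
    umask 077   # the trace holds raw payloads; keep it private to this user
    # The empty regular expression '' matches every packet the filter passes.
    ngrep -O "$trace" -n 200 -d "$iface" -s 1500 '' "$filter" >/dev/null || return 1
    # Same saved packets, searched as text (case-insensitive) and as bytes.
    ngrep -I "$trace" -q -i "$needle" "$filter"
    ngrep -I "$trace" -q -X "$hex" "$filter"
}

# Runs only when given arguments, e.g.:
#   sh trace-search.sh eth0 'Host: ' 'tcp port 80'
if [ "$#" -ge 2 ]; then
    trace_search "$@"
fi
```

Capturing needs root; re-reading the saved trace with -I does not, so the search can be repeated with different patterns as an unprivileged user.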
Installation:
# tar -xvzf ngrep-*tar.gz
# cd ngrep
# ./configure --prefix=/usr/local
# make
Then install it into /usr/local as root:
# mkdir -p /usr/local/bin /usr/local/man/man8
# make install