sniffing

I'd like to somehow hook into the local system's network stack to capture outgoing network packets without using Winpcap. Unfortunately it tends to crash my system every now and then. Is there a way to "sniff" outgoing traffic of the local system from a user space process written in a .NET language? What you want is the Network Monitor API . More here and here . I use smsniff from NIRSOFT. You need to be admin on the machine to sniff any traffic. http://www.nirsoft.net/utils/smsniff.html I have never seen .net used to sniff traffic. But maybe NetMon from Microsoft has a COM interface you call

I need to write a packet sniffer in Linux that detects HTTPS packet that are sent and save the url from the request. I found code for this in security-freak and ran it. This code runs and only sniffs the received packet but I need to get the sent packet in the sniffer. How do I get the sent packet in this code? I can't use any library like libcap (forbidden). The code is : sniffer.c You should be using ETH_P_ALL instead of ETH_P_IP as the protocol. ETH_P_IP only listens for incoming IP packets. Why can't you use any library? Homework? It's hard to answer without having examples from your code,

I am writing a program with a Raw Socket in promiscuous mode and I need the raw socket not sniff the packet I send. I need to read only the data over the ethernet rx wire (not the tx wire). It's posible? Thanks a lot. The solution is to look in the read packet if it is a PACKET_OUTGOING. Using this option you can diference the packet you put in the ethernet tx wire and the packet you read from the rx wire. Open the Socket in promiscuous mode: char* i = "eth0"; int fd; struct ifreq ifr; struct sockaddr_ll interfaceAddr; struct packet_mreq mreq; if ((fd = socket(PF_PACKET,SOCK_RAW,htons(ETH_P

I'd like to know how can I intercept packets sent by a certain application and then to check what those packets contain. I need some advice what to do because I've never done such a thing and I want to learn by myself. Harsh Baid Pcap.Net Pcap.Net is a .NET wrapper for WinPcap written in C++/CLI and C#. It Features almost all WinPcap features and includes a packet interpretation framework. SharpPcap SharpPcap is a cross-platform packet capture framework for the .NET environment, based on the famous pcap / WinPcap libraries. It provides an API for capturing, injecting, analyzing and building

When i run a simple packet sniffer coded in C on my Mac OS X, i got no output at all, this is a strange thing! can someone help me to understand what going on. #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/socket.h> #include <netinet/in.h> #include <arpa/inet.h> int main(void) { int i, recv_length, sockfd; u_char buffer[9000]; if ((sockfd = socket(PF_INET, SOCK_RAW, IPPROTO_TCP)) == -1) { printf("Socket failed!!\n"); return -1; } for(i=0; i < 3; i++) { recv_length = recv(sockfd, buffer, 8000, 0); printf("Got some bytes : %d\n", recv_length); } return 0; } I compile

How can I sniff packets from my iPhone on my network? can someone give me some instructions? I tried Googling, but nothing teaches how to sniff iPhone packets、 I am on windows. You can use Paros to sniff the network traffic from your iPhone. See this excellent step by step post for more information: http://blog.jerodsanto.net/2009/06/sniff-your-iphones-network-traffic/ . Also, look in the comments for some advice for using other proxies to get the same job done. One caveat is that Paras only sniffs HTTP GET/POST requests using the method above, so to sniff all network traffic, try the

I am using a program that talks to my COMM port, but I have made another program that I want to "sniff" the comm port messages and perform it's own actions against those messages in addition. Is this possible in .NET c#? There are third party libraries/tools/products that expose the traffic f you are interested. Here is one I used for serial port emulation - but I think it provides something you can use: http://com0com.sourceforge.net/ If you have control over the first program that talks to you COMM port, why not change the program to pass data received from the port to the 2nd program of