With the help of software such as a packet sniffer, one can easily intercept or capture the packets that travel across a network. The sniffer captures these packets by setting the NIC in promiscuous mode and then decodes them, after which they can be used for several useful purposes. This paper discusses the steps in developing a packet sniffer on Linux. It presents a novel approach to the development of a packet sniffer, one which we have employed and to which we have added features for packet analysis and intrusion detection. It also lists steps that can be taken to counter the malicious use of packet sniffers (e.g. ARP sniffing, SNMP monitoring etc.). The packet sniffer we developed can be used for network monitoring to prevent bottlenecks when network congestion occurs. The development phase began after studying the behavior of existing sniffer software such as Wireshark (formerly Ethereal) on both Linux and Windows platforms. The packet sniffer is built on a library known as libpcap, which is a built-in feature of the OS and helps us grab packets directly from the network card.