The most excellent packet sniffing tool, formerly known as Ethereal, now known as Wireshark, has recently been updated to version 1.0.6. This is one of those programs that I find hard to write up. All I can say is, I love it. When I was first learning about network traffic, I tried out Ethereal. I loved being able to see that raw network traffic. I was amazed at the sheer amount of traffic on my LAN. It also stirred my interest in what all these protocols were.
Soon I was using it to uncover malware and where it was phoning home to. I also used it to get IP addresses of people on IRC when they DCC to me. And just recently I used it at work. Someone forgot their e-mail password and they needed it to get on their web mail. I just fired up Wireshark and then launched Outlook. Then I just looked through the log and found the communication to the POP server, and there was the user name and password. Set it up with a wifi card and you can capture some interesting packets.
Then there is Sharkfest, June 15th – 18th at Stanford University, which I can only dream of going to.
Here is a beginner's video intro to Wireshark:



One Comment
Your story was really informative, thanks!