LinuxWorld Australia: Linux Primer for Networkers: Using the Sniffer
May 07, 2006, 21:00
By Greg Schaffer
"A few years back, I used an old 486 running Red Hat Linux and
tcpdump to easily diagnose a client's denial-of-service attack,
illustrating the benefits of creating a powerful network analysis
tool from 'scrap' parts. There are plenty of tools to build a
similar Windows-based network analyzer, but Linux can run on
machines that can't efficiently run Windows.
"I will now show you how to test the system and install libcap,
a package that grabs network packet data; tcpdump, a basic but
crucial sniffer package that displays that data sequentially; and
iptraf, which presents trends and summaries of the data..."