Linux Today: Linux News On Internet Time.

USB sniffing on linux

Mar 19, 2009, 17:02

"But while it's all easily parsed if you need it, there aren't really any tools around that do it for you. That is... except for libpcap. Libpcap is the power behind the throne of the venerable tcpdump tool. Tcpdump is not much more than a command line parser and pretty-printer of various network protocols. The heavy duty lifting is done by libpcap, not least by providing a cross-platform API for sniffing devices, something that is otherwise non-standard and different on every platform. It's great, I've used it before (in capstats) and it's very easy to use.

"Libpcap on Linux supports usbmon sniffing, which means you can use tcpdump to sniff a USB port and write this to a capture file. But best of all: Wireshark, the all-singing all-dancing network analyzer that uses tcpdump capture files, has USB support as well. So this is the result:"
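
The quoted passage says usbmon data is easily parsed and that libpcap can write it to a capture file. As an added example (not from the quoted article or from Linux Today), the Python below decodes such a file into one record per USB request, which is the per-device view an analyst reviewing USB activity needs. It assumes a little-endian classic pcap with link type 189 or 220; the function names and the sample capture are constructed for illustration.

```python
import struct

LINKTYPES = {189: 48, 220: 64}   # DLT_USB_LINUX, DLT_USB_LINUX_MMAPPED -> header size
XFER = {0: "ISO", 1: "INTR", 2: "CTRL", 3: "BULK"}
# id, type, xfer_type, epnum, devnum, busnum, flag_setup, flag_data,
# ts_sec, ts_usec, status, length, len_cap, setup[8]  (first 48 bytes of both layouts)
USBMON = struct.Struct("<QBBBBHBBqiiII8s")

def parse_usbmon_pcap(blob):
    """Return one dict per URB event in a little-endian usbmon pcap."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", blob, 0)
    if magic != 0xA1B2C3D4:
        raise ValueError("not a little-endian, microsecond-resolution pcap")
    if linktype not in LINKTYPES:
        raise ValueError(f"link type {linktype} is not a usbmon capture")
    hdr_len, off, events = LINKTYPES[linktype], 24, []
    while off + 16 <= len(blob):
        incl = struct.unpack_from("<I", blob, off + 8)[0]   # captured length
        rec = blob[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(rec) < hdr_len or len(rec) < incl:
            break                                  # truncated capture: stop cleanly
        (urb, typ, xfer, ep, dev, bus, fsetup, _, _, _,
         status, length, cap, setup) = USBMON.unpack_from(rec)
        ev = {"urb": urb, "event": chr(typ), "xfer": XFER.get(xfer, "?"),
              "bus": bus, "dev": dev, "ep": ep & 0x7F,
              "dir": "IN" if ep & 0x80 else "OUT", "status": status,
              "length": length, "data": rec[hdr_len:hdr_len + cap]}
        if xfer == 2 and chr(typ) == "S" and fsetup == 0:   # 0 = setup bytes valid
            keys = ("bmRequestType", "bRequest", "wValue", "wIndex", "wLength")
            ev["setup"] = dict(zip(keys, struct.unpack("<BBHHH", setup)))
        events.append(ev)
    return events

def build_sample():
    """Constructed capture: GET_DESCRIPTOR(device) submit and completion, bus 1, dev 5."""
    desc = bytes.fromhex("1201000200000040" "3412cdab0001" "01020301")  # made-up IDs
    get_desc = struct.pack("<BBHHH", 0x80, 6, 0x0100, 0, 18)
    def rec(typ, fsetup, fdata, status, setup, data):
        body = USBMON.pack(0xFFFF8800DEADBEEF, ord(typ), 2, 0x80, 5, 1, fsetup, fdata,
                           1237482120, 0, status, 18, len(data), setup) + data
        return struct.pack("<IIII", 1237482120, 0, len(body), len(body)) + body
    return (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 189)
            + rec("S", 0, ord("<"), -115, get_desc, b"")
            + rec("C", ord("-"), 0, 0, bytes(8), desc))
```

A capture of bus 1 written with `tcpdump -i usbmon1 -w usb.pcap` (after `modprobe usbmon`) can be read as bytes and passed to `parse_usbmon_pcap`.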
