TCPDUMP | Network Sniffing Tool


Tcpdump is similar to Wireshark, which I explained in an earlier post.  It captures the packets that travel through your network into your computer, regardless of whether they come from the Internet or from your internal network.  Tcpdump is a command-line utility, so you have to set its options before you start capturing packets.  It is very useful, especially for network administrators and security analysts who need to analyze threats in a system.  Personally, I run tcpdump on my Ubuntu laptop.  To get tcpdump on Ubuntu, type “sudo apt-get install tcpdump”.  Tcpdump runs on Linux-based machines, while on the Windows operating system it is called WinDump.  It is up to you whether to run tcpdump on Linux, WinDump on Windows or Wireshark (Linux/Windows); the most important thing is how good you are at using it.

Source: http://www.tcpdump.org/

Wireshark | Network Sniffing Tool


Wireshark is one of the tools that help you identify incoming and outgoing packets, be it at the UDP or TCP level or at the ICMP or IP level.  It intercepts packets and analyzes them.  It is one of the tools that helped me analyze how website POST and GET requests work for my projects, and it is considered user friendly thanks to its Graphical User Interface.  The GUI is one of Wireshark's strong points.  You can look at a list of tens of thousands of packets and filter them according to your needs with conditional statements.  Wireshark runs on both Linux and Windows.

TCP / IP Sockets in C | eBook


Are you interested in building your own TCP / IP application in C?  Learn how to make client-server applications such as instant messaging, or apply TCP / IP to your existing system for further benefit.  By mastering sockets in C, you can develop applications that use the FTP and SMTP protocols, for example to send email, to connect to your own FTP server or to search through Google.  The possibilities for using sockets are unlimited!  TCP / IP Sockets in C: Practical Guide for Programmers, written by Michael J. Donahoo and Kenneth L. Calvert, is a good book to start with.  Assuming that you have the basics of C programming, it helps you master the Winsock functions.  At the end of the day, you will be able to create a multi-threaded server that accepts multiple connections at a time.  Apart from that, it also gives a brief source code example of a client and server using the UDP protocol.

Be reminded that it is TCP / IP for C, which means that it is fully focused on C.  However, there is a small chapter at the end which gives some guidance on C++.  This book is the best book you can get to jump-start your programming skills in handling sockets in C!  Even if you have already learnt sockets, it is a good idea to check the source code in the book, as the authors' way of coding gives a proper idea of how you should write it well.


Analyzing network packets


For those of you who think of yourselves as hackers: do you know what a network packet looks like?  Have you ever read network packets, and do you know how they work?  Take a look at the TCP packet below and try to figure out what the packet is doing, as well as the source IP address and port of the sender.

00 1c f0 39 8e 45 00 1c  f0 8a a1 71 08 00 45 00
00 34 06 6e 40 00 80 06  9a 0e c0 a8 01 02 45 a2
52 fb c0 a7 00 50 a1 f6  7c bb 00 00 00 00 80 02
20 00 15 25 00 00 02 04  05 b4 01 03 03 02 01 01
04 02

Tip: Think of the packet as an Ethernet frame.
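
Following the tip, the dump can be decoded layer by layer.  The script below is an added example, not part of the original post: it parses the Ethernet, IPv4 and TCP headers of the frame above and verifies the IPv4 header checksum.  The function and field names are chosen here for illustration.

```python
import socket
import struct

# Hex dump copied from the post above.
DUMP = """
00 1c f0 39 8e 45 00 1c  f0 8a a1 71 08 00 45 00
00 34 06 6e 40 00 80 06  9a 0e c0 a8 01 02 45 a2
52 fb c0 a7 00 50 a1 f6  7c bb 00 00 00 00 80 02
20 00 15 25 00 00 02 04  05 b4 01 03 03 02 01 01
04 02
"""
FRAME = bytes.fromhex("".join(DUMP.split()))
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]

def header_sum(data):
    """16-bit one's-complement sum; 0xFFFF over an IPv4 header means a valid checksum."""
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def parse_frame(frame):
    """Decode the Ethernet II, IPv4 and TCP headers of one raw frame."""
    if len(frame) < 14 + 20:
        raise ValueError("too short for Ethernet + IPv4")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4  # IPv4 header length in bytes
    if ethertype != 0x0800 or ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6:
        raise ValueError("not an IPv4/TCP frame")
    total_len = struct.unpack("!H", ip[2:4])[0]
    tcp = ip[ihl:total_len]  # total length bounds the datagram, dropping any padding
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, _seq, _ack, off_flags, window = struct.unpack("!HHIIHH", tcp[:16])
    return {
        "src_mac": src_mac.hex(":"),
        "dst_mac": dst_mac.hex(":"),
        "ip_checksum_ok": header_sum(ip[:ihl]) == 0xFFFF,
        "ttl": ip[8],
        "src": "%s:%d" % (socket.inet_ntoa(ip[12:16]), sport),
        "dst": "%s:%d" % (socket.inet_ntoa(ip[16:20]), dport),
        "flags": [n for i, n in enumerate(TCP_FLAGS) if off_flags & (1 << i)],
        "tcp_header_len": (off_flags >> 12) * 4,
        "window": window,
    }

if __name__ == "__main__":
    print(parse_frame(FRAME))
```

The 12 bytes after the fixed 20-byte TCP header are TCP options, which this parser reports only through the header length.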