Sometimes, digging through a raw data file extracted from a pcap with a hex editor gives you a headache.
That is where York comes in. Note that this software can also capture traffic directly.
A few details, in English:
York::Log all network traffic
- Log source, destination [fqdn or ip address] and packet size of all network traffic on your network, of course also outbound traffic. The network card will be set into promiscuous mode.
- Save sniffed HTTP and FTP files. Just for fun, pictures are shown in a slideshow and in a screensaver like window.
- Sniff for HTTP, FTP, POP3, SMTP, SMB, VNC and AIM password/hash and HTTP cookies like 'GX'.
- Select a client and follow his clicks in your browser. [WebSession]
- Screensaver included. Shows sniffed pictures in a slideshow.
- For advanced users: You can capture traffic into a pcap file, send a pcap file and replay a pcap file.
- For advanced users: You can restrict captured traffic by tcpdump filters.
The columns in the log file are tabulator separated for easy import into Excel or so.
One line in the log file looks like this:
19.08.2003 02:49 [0:01:03] theszdbg <-> www.traffichome.com http 55 kByte 56329 Bytes
If you need more or other information in the logfile or have feature requests, please send me a mail.
Source: http://thesz.diecru.eu/content/york.php
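As an added example (not part of the original post and not York's own code), here is a small Python parser for the log line shown above that totals bytes per source/destination/protocol, which helps when reviewing which host talked to what. The field layout is inferred from the single sample line on the page; every sample line except the first is constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Field layout inferred from the one sample line on the page (an assumption).
# \s+ between fields accepts real tabs as well as spaces left by copy/paste.
LINE_RE = re.compile(
    r"^(?P<date>\d{2}\.\d{2}\.\d{4})\s+(?P<time>\d{2}:\d{2})\s+"
    r"\[(?P<h>\d+):(?P<m>\d{2}):(?P<s>\d{2})\]\s+"
    r"(?P<src>\S+)\s+<->\s+(?P<dst>\S+)\s+(?P<proto>\S+)\s+"
    r"\d+\s+kByte\s+(?P<bytes>\d+)\s+Bytes\s*$"
)

def parse_line(line):
    """Return a dict for one York log line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    return {
        "start": datetime.strptime(m["date"] + " " + m["time"], "%d.%m.%Y %H:%M"),
        "duration": timedelta(hours=int(m["h"]), minutes=int(m["m"]), seconds=int(m["s"])),
        "src": m["src"],
        "dst": m["dst"].lower(),
        "proto": m["proto"].lower(),
        # In the sample the kByte column is the rounded byte count; keep the exact value.
        "bytes": int(m["bytes"]),
    }

def bytes_per_flow(lines):
    """Sum byte counts per (src, dst, proto); also return lines that did not parse."""
    totals, rejected = defaultdict(int), []
    for raw in filter(str.strip, lines):  # skip blank lines
        rec = parse_line(raw)
        if rec is None:
            rejected.append(raw)  # keep malformed lines for manual review
        else:
            totals[(rec["src"], rec["dst"], rec["proto"])] += rec["bytes"]
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True), rejected

# First line is the sample from the page; the others are constructed test data.
SAMPLE = [
    "19.08.2003 02:49 [0:01:03] theszdbg <-> www.traffichome.com http 55 kByte 56329 Bytes",
    "19.08.2003\t02:51\t[0:00:10]\ttheszdbg\t<->\twww.traffichome.com\thttp\t1 kByte\t1024 Bytes",
    "19.08.2003\t02:55\t[0:00:02]\thost-a.example\t<->\tmail.example\tpop3\t0 kByte\t512 Bytes",
    "truncated line without sizes",
]

if __name__ == "__main__":
    for flow, total in bytes_per_flow(SAMPLE)[0]:
        print(total, *flow)
```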