> -----Original Message----- > From: Kenton Brede [mailto:[EMAIL PROTECTED] > Sent: Monday, 23 February 2004 11:52 AM > To: Perl Beginners > Subject: Re: Network Sniffer Module > > On Sun, Feb 22, 2004 at 05:59:43PM -0500, Jason Normandin > ([EMAIL PROTECTED]) wrote: > > Hi List. > > I am looking for a module that will allow me to perform the > same function as > > the Solaris snoop command via Perl. I have searched CPAN, > but was unable to > > > > I would rather not use the snoop command itself, hence my > module query. > > > > Anyone know if there is one out there? > > I think one of the Pcap modules will work for you - > http://search.cpan.org/search?query=pcap&mode=all > > Or possibly libpcap - > http://search.cpan.org/search?query=libpcap&mode=all > hth, > Kent >
After following the thread on Pcap, I wanted to try it. I've always wanted my linux box to be able to open a firewall port on access rather than always.. Ie, ping -s 616 remote_host ssh remote_host where a sniffer detects the 'long ping' and opens up port 22 to the source of the ping. This is 'security by obscurity, which is no security at all' but its just for fun. My real port-opener is an apache CGI which only opens the port when you satisfy the SSL client certificate requirements and can supply a password.. But I digress. After capturing the packet. I chopped of 14 octets and printed the source and target MAC addresses, and the protocol type. I chopped of 20 more bytes (given protocol 0x800) and printed the source and target IP'addresses and ip protocol type. I chopped of 20 more bytes (given ip protocol = 6 / tcp) and printed source and target port addresses, as well as other 'stuff'. There has to be a module that does this already!!! Isn't there? Please? I can't find one! If there isn't one, there might just be one soon! :-) Cheers. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
