[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-linux
Subject: [kde-linux] KSnuffle Network Sniffer 2.3 available
From: Mike Richardson <mike () quaking ! demon ! co ! uk>
Date: 2001-10-11 8:46:39
[Download RAW message or body]
Quick preamble. I'm pretty busy on other things these days, so ksnuffle
has not been getting much attention. So, is there anyone out there who
would like to take over from me, please! I can point you at a list of
things that I think need doing :))
Mike
----------[ The New Version Announcement ]---------
KSnuffle, the KDE network packet sniffer, is now available for download
from:
ftp://195.92.31.34/ksnuffle-2.3/ksnuffle-2.3.tgz
This version has been built against KDE2.1 and KDE2.2
The manual pages are online at
http://www.quaking.demon.co.uk/ksnuffle.manual
The main change since 2.1 is a work-around for the KDE
feature whereby setuid programs will not be run. Please see the manual
pages (online at http://www.quaking.demon.co.uk/ksnuffle.manual) for
comments about root and setuid-root execution, notably sections 2.4
and 7.2). If you run ksnuffle as root, or setuid root, YOU DO SO AT
YOUR OWN RISK! Alternatively, you can use kdesu to run ksnuffle.
Version 2.3 will also now install other than as root (for instance if
kde has been installed other than as root). Thanks to whoever pointed this
aout to me, sorry about no reply, email disaster followed :-(
Version 2.3 fixes compile problems on recent versions of gcc, notably
to do with inclusion of the "time.h" header file.
Please note that if the remote sniffer interface is not compatible with
2.0 and earlier versions. If you use remote sniffers, then you will need to
reinstall the rsnuffle daemon.
Regards
Mike Richardson
mike@quaking.demon.co.uk
-----[The Actual Announcement]----------------------------------------
KSnuffle is a network packet sniffer for KDE. Features include:
* Basic filtering and packet selection via the GUI
* Advanced filtering and packet selection via filter programs
* Multiple concurrent monitors
* Text and binary logging, plus replay of binary log files
* Textual display of network traffic overview
* Full(er) details of protocol and application data available
* Display of data in TCP/IP streams
* Network load histograms and time-averaged load display
* Parallel display of multiple load histograms
* Save and restored filter and packet selection configurations
* Support for use by selected non-root users (setuid workaround)
* Plugin support - 2.3 contains plugins for
* TCP/IP stream monitoring
* DNS lookup monitoring,
* Traffic summaries
* End-to-End summaries
In its current state it is, so far as I can tell, quite reliable. The
main area where is is lacking is actually decoding different network
packets. At the moment, it handles basic decoding of TCP/IP and UDP/IP,
plus ARP/RARP and ICMP. Packet decoding does not go down into the
application level except for DNS packets.
Also, KSnuffle uses libpcap-0.4, as used by tcpdump. As I only have access
to Linux boxen, I cannot build or test it for any other Unix. I'd be
interested if anyone else could try. Version 2.2 has slightly modified
libpcap makefile's, and does not attempt to install the library (it is
statically linked into KSnuffle).
KSnuffle is available from ftp://195.92.31.34/pub/ksnuffle-2.3/ ; there
is a homepage at http://www.quaking.demon.co.uk/ksnuffle.html. The latter
contains some screen shots and other information. The manual pages are
online at http://www.quaking.demon.co.uk/ksnuffle.manual
--
mike@quaking.demon.co.uk
http://www.quaking.demon.co.uk
___________________________________________________
This message is from the kde-linux mailing list.
Account management: http://mail.kde.org/mailman/listinfo/kde-linux.
Archives: http://lists.kde.org/.
More info: http://www.kde.org/faq.html.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic