Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New to the CF scene
    Join Date
    Apr 2004
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Ethereal packet sniffer and (*.cap) capture files?????

    I want to view a certain capture file and see what's happening. I want to userstand the attack and explain how the overlapping IP fragments are be used but i have no clue.

    Does anybody know anything about this or know more about it and can inform me on some information about this as to what is going on??? I have no idea how to know what is happening here in this file and was looking for some answers or a website that can teach me.

  • #2
    Regular Coder
    Join Date
    Feb 2004
    Location
    WA
    Posts
    213
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Your question is very vague..
    You want to know how to look at the .cap files? Just open them in Ethereal.
    You want to know if you are being attacked? This could be very hard to determine
    You want to find out how to identify a particular attack when you know that its in the .cap file? You need to understand how the attack works, then look for patterns/clues in the packets.

    If it is just a homework excercise (network security course), then read as many sources about that attack as possible to gain an understanding.

    If it is not, post the cap file here and maybe some of us can take a look and confirm.

    btw, If you are not trying to detect an attack programmatically by looking at the cap file, this topic does not belong in programming section. Maybe a mod can move it to computer/pc discussions to give it more exposure?
    Last edited by Unit; 05-04-2004 at 08:07 PM.
    Nobody is Perfect. I am Nobody.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •