Home
Information
Knowledge
Services
Software
Config
Gallery
Vulnerabilities
Car PC
Links
Contact
Sign


Development Island small logo

Sniff - Overview

Makes output from the tcpdump program easier to read and parse.

This software is now redundant as ASCII support as since been added to tcpdump in version 3.8.

Features

  • Coloured console output
  • Directly accepts tcpdump options (including parsing from packet files)
  • Fully customisable output

Requirements

  • Linux operating system
  • Perl installed
  • tcpdump program installed
  • Privileges in order to run tcpdump


Sniff - Help

Run the following command for help. 

./sniff -h
Sniff options should be placed before the double dash (--) and tcpdump options should be placed after. Here are some examples of how to use sniff.

Capture all incoming FTP packets on eth1 without using colour
As you can see any options after the double-dash "--" are standard tcpdump options. 

./sniff -c -- -i eth1 tcp port 21

Real time logging to a CSV file
The example below uses the following options:

Enclose data with " character (-e\")
Separator lines with the , character (-n,)
Print the separator once only (-t0)
Dont use colour (-c) 
./sniff -e\" -n, -s -t0 -c > /tmp/dump.csv

Converting a tcpdump dumb file into CSV format
First use tcpdump to make the dump file, you must use the "-lx -s 1024" options at least. For example: 

tcpdump -lx -s 1024 -w /tmp/dump.txt
Then run sniff with the required options, note the tcpdump options stating to read from the previously created file. 
./sniff -e\" -n, -s -t0 -c -- -r /tmp/dump.txt > /tmp/dump.csv


Sniff - Changelog

Version 2.3   (18th March 2004)

Tcpdump -n option no longer used as default, to use option just specify it on the command line with your other tcpdump options. Version 2.2   (19th November 2001) Tcpdump option handling bug fixed.
Now supports more tcpdump options. Version 2.1   (10th October 2001) Parsing command line options fixed.
Version option added. Version 2   (6th October 2001) Initial public release.



Sniff - Downloads

VersionFormatSizeDateNotes
2.3Bzip2313k18/04/2004(Latest)
2.3RPM326k18/04/2004Built by Joe Klemmer
2.2Gzip313k19/11/2001