[Fwd: A different type of sniffer: Hafiye]

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]

Archivio: Giugno 2002 ml@sikurezza.org
Soggetto: [Fwd: A different type of sniffer: Hafiye]
Mittente: lorenzo
Data: 17 Jun 2002 10:57:29 -0000

pareri..?
-- 

lorenzo
lorenzo@digitalmind.it


Hi guys,

If you looked at the source code for various sniffers, you'll notice that
they all have seperate dedicated .C files for interpreting different
protocols. Why not have a sniffer who can understand and interpret user
supplied protocol details: ?

Here is one: hafiye. Before starting sniffing, hafiye first loads the
knowledge-base files the user has written and forms a knowledge-base for
itself. Hafiye interprets incoming traffic according to this
knowledge-base.

If it did interest you and you want a test drive, here is the tarball url:

http://www.enderunix.org/hafiye/hafiye-1.0.tar.gz

PS. This is the very initial release, and I'm sure there are lots of ideas
that can be developed on top of this model.

Any ideas are welcome.


Shameless self promotion:  ;-P a security related job in Istanbul/Turkey.

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List

Data:
- precedente: Re: Firewall & RADIUS, Fausto Pasqualetti
- successivo: Re: Bloccare l'accesso ad un server W2000 (livello anche di File System), Enrico Branca
- indice

Argomento:
- precedente: RE: Server applicativi appartenenti al dominio, F.Bernardi
- successivo: [fwd] Consiglio evento di sicurezza, Igor Falcomata'
- indice

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005