Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sniffing an established port
Special Forums IP Networking Sniffing an established port Post 74593 by kapslock on Friday 10th of June 2005 03:41:28 PM
Old 06-10-2005
I guess the setup is like this:

There's a client running on a solaris box, and is receiving data.

Please note that servers specify ports they send the data on. Client don't necessarily specify the port they want to listen to the server data on.

So you may or may not know the port on which this client is receiving data.

You may want to use a portscanner like ngrep or a packet capture utility like tcpdump or ethereal to know the port on which this client is receiving data.

Although you can "see" the data using your packet capture tools, to write your own application to read that data isn't that straightforward. This however might be necessary if you want to do some special processing on the data (decrypt it, for example).

In that case, you can
1. See if you can open a socket to the actual source from which the solaris box A is receiving data.
2. See if you can write a small server program that allows you to write a client to get this data. The server program would get data from this A:B client.

Kapil Sharma
 

9 More Discussions You Might Find Interesting

1. Programming

Pcap.h Sniffing

Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know? Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies

2. Shell Programming and Scripting

Pcap.h Sniffing

Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know? Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies

3. What is on Your Mind?

Wired keyboard sniffing

Are we safe using the everyday wired keyboard? Although this concept is old, I had never seen an actual implementation on the matter until a few days ago. (Four ways of sniffing the electromagnetic emanations of wired keyboards currently on the market in up to 20 meters.) Check the videos at:... (2 Replies)
Discussion started by: redoubtable
2 Replies

4. Programming

Memory sniffing in linux

I am trying to create an application that will be able to sniff memory of other applications. I am not completely new to systems programming but I am not sure how to go about this task. I understand that accomplishing this mainly require these steps. 1: Get a list of processes 2: Find the... (2 Replies)
Discussion started by: mosey
2 Replies

5. HP-UX

[HP-UX] Established ports although LAN is disconnected.

Hi, I have a few questions. There is a CORBA connection between 2 HP-UX 11.11i hosts. Then the LAN of the 2nd host is pulled. On the 1st host all connections disappear, as expected. But on the 2nd host all connections still are present, as established. With lsof one can see that the... (2 Replies)
Discussion started by: ejdv
2 Replies

6. Solaris

Established connections causing lag?

I'm not to sure how to go about this questions, so I will just ask it and then get criticized. How many Established connections should a V440 be able to support? (4 Replies)
Discussion started by: adelsin
4 Replies

7. IP Networking

ESTABLISHED web process??

I put lsof -i -P -n into the terminal and this is the output. I believe i am being hacked?? lsof -i -P -n COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME SystemUIS 1578 melodysneed 9u IPv4 0x07d608ec 0t0 UDP *:* SystemUIS 1578 melodysneed 11u IPv4 0x0ba68810... (5 Replies)
Discussion started by: melodysneed
5 Replies

8. Red Hat

Help: Find established conn source

Hi Friends, On one of my server which having direct connection to internet without firewall ..am seeing a established connection with SSH .. am not getting how ..there no login but I can see this established connection . ## have hidden original IPs with below notations for security concerns .... (0 Replies)
Discussion started by: Shirishlnx
0 Replies

9. Solaris

How to find port number wwn of particular port on dual port HBA,?

please find the below o/p for your reference bash-3.00# fcinfo hba-port HBA Port WWN: 21000024ff295a34 OS Device Name: /dev/cfg/c2 Manufacturer: QLogic Corp. Model: 375-3356-02 Firmware Version: 05.03.02 FCode/BIOS Version: BIOS: 2.02; fcode: 2.01;... (3 Replies)
Discussion started by: sb200
3 Replies

LEARN ABOUT DEBIAN

efax-gtk-socket-client

efax-gtk-socket-client(1)				      General Commands Manual					 efax-gtk-socket-client(1)

NAME

       efax-gtk-socket-client - a client of efax-gtk to work with lpd/lprng

SYNOPSIS

       efax-gtk-socket-client [hostname] [port]

DESCRIPTION

       This program enables lpd/lprng to access the efax-gtk socket server. Meaning the user can send faxes to a printer, which will ack as a fax.

       It  takes  two arguments - first a hostname to connect to, and secondly a port number at that hostname to connect to.  All efax-gtk-socket-
       client does is to read from standard input (in this case from lpd/lprng) and passes it to a socket at the hostname and port  number  passed
       as arguments to it (namely the hostname of the computer efax-gtk is running on - normally you would specify localhost - and the port number
       of the socket).

       fax:
	    :sd=/var/spool/fax:
	    :mx#0:
	    :sh:
	    :lp=/dev/null:
	    :if=/var/spool/fax/efax-gtk-faxfilter:

       This will cause a printer by the name of "fax" to be available, which (if printed to) will send the file to the efax-gtk socket server.	If
       you  set  efax-gtk  to  listen on a port other than port 9900, you will need to amend the file /var/spool/fax/efax-gtk-faxfilter by hand to
       specify the correct port number on which efax-gtk is listening.

       Don't forget to restart the lpd printer daemon after amending /etc/printcap.

OPTIONS

       [ hostname ] - The name of the host to listen to. Usually should be locahlhost.
       [ port ] - the port number to listen to on the [ hostname ].

SEE ALSO

       efax(1), efax-gtk(1).

AUTHOR

       efax-gtk-socket-client was written by  Chris Vine <chris@cvine.freeserve.co.uk>.

       This manual page was written by Lior Kaplan <kaplan@debian.org>, for the Debian project (but may be used by others).

								   July 18, 2006					 efax-gtk-socket-client(1)
All times are GMT -4. The time now is 05:56 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy