HPE Community
Operating System - HP-UX
1822152 Members
3841 Online
109640 Solutions
New Discussion юеВ

Re: Port Sniffer for HPUX..

 
SOLVED
Go to solution
Bharat Katkar
Honored Contributor

тАО01-10-2006 08:28 PM

тАО01-10-2006 08:28 PM

Port Sniffer for HPUX..

Hi Friends,

I would like monitor packets coming on the NIC interface. Can anybody suggest me a proper tool, command or process to do so.

I am using 11.23 Sep 2004 OS.
Hardware is RP3400 Systems

Thanks for your valuable suggestions.

Regards,
Bharat


You need to know a lot to actually know how little you know
0 Kudos
11 REPLIES 11
Senthil Prabu.S_1
Trusted Contributor

тАО01-10-2006 08:33 PM

тАО01-10-2006 08:33 PM

Re: Port Sniffer for HPUX..

Hi,
You can use sniffer, open source sniffer available. Also, use tcpdump, ethereal.

These ported version are available with HP's Internet Express.


HTH,
Prabu.S
One man's "magic" is another man's engineering. "Supernatural" is a null word.
0 Kudos
Muthukumar_5
Honored Contributor

тАО01-10-2006 08:33 PM

тАО01-10-2006 08:33 PM

Re: Port Sniffer for HPUX..

Bharat,

Use snort. It is good one.

http://gatekeep.cs.utah.edu/hppd/hpux/Networking/Admin/snort-2.3.3/

Hope you are doing great. :)

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Senthil Prabu.S_1
Trusted Contributor

тАО01-10-2006 08:34 PM

тАО01-10-2006 08:34 PM

Re: Port Sniffer for HPUX..

Hi,
sorry, there was typo in my previous mail. The tool name is "snort" not "Sniffer".
homepage is www.snort.org.
One man's "magic" is another man's engineering. "Supernatural" is a null word.
0 Kudos
Arunvijai_4
Honored Contributor

тАО01-10-2006 08:35 PM

тАО01-10-2006 08:35 PM

Re: Port Sniffer for HPUX..

Hi Bharat,

You can use TCPDUMP, Ethereal from Internet Express, Also it has got SSLDUMP for capturing SSL packets and Libpcap library.

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1111


-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Muthukumar_5
Honored Contributor

тАО01-10-2006 08:36 PM

тАО01-10-2006 08:36 PM

Re: Port Sniffer for HPUX..

Come on Prabhu. Bharat, prabhu was porting snort to hpux platforms. He is good in that. As per recommendation you can use that. More well to use simple tool then use ethreal or tcpdump tools. Which are coming with Internet Express product as,

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1111

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Senthil Prabu.S_1
Trusted Contributor

тАО01-10-2006 08:36 PM

тАО01-10-2006 08:36 PM

Re: Port Sniffer for HPUX..

Hi,
snort hpux ported version is aviable at http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1123
One man's "magic" is another man's engineering. "Supernatural" is a null word.
0 Kudos
Arunvijai_4
Honored Contributor

тАО01-10-2006 08:40 PM

тАО01-10-2006 08:40 PM

Re: Port Sniffer for HPUX..

Snort is part of Internet Express ;-) and it is Intrusion detection system, not as port sniffer. Better use, TCPDUMP.

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Senthil Prabu.S_1
Trusted Contributor

тАО01-10-2006 08:50 PM

тАО01-10-2006 08:50 PM

Re: Port Sniffer for HPUX..

Arun,
Snort can play three roles. Intrusion Detection is one role. It can also sniff as well like, tcpdump.

Also, once you get used to snort, you can play a lot with it by defining used defined rules to snif needed ports and protocols..... it goes on.



Bharat,
I advice you to use Ethereal for analysing as well as sniffing.
One man's "magic" is another man's engineering. "Supernatural" is a null word.
0 Kudos
Arunvijai_4
Honored Contributor

тАО01-10-2006 09:51 PM

тАО01-10-2006 09:51 PM

Solution

Re: Port Sniffer for HPUX..

Hi Again,

No arguments that you can use Snort for port sniffing as well, but that is not what it was designed for. You can use ethereal which has got X11 interface or you can use "tethereal" command line tool like "tcpdump".

You can see more tools here,
http://www.networknewz.com/2001/0723.html

It has dniff, Analyzer, etc...

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
rick jones
Honored Contributor

тАО01-11-2006 12:36 PM

тАО01-11-2006 12:36 PM

Re: Port Sniffer for HPUX..

If you have a compiler (a real one, not the bundled) installed the "top-of-trunk" versions of tcpdump/libpcap typically compile out of the tar file under HP-UX, if you want something newer than is in HP Internet Express.
there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Bharat Katkar
Honored Contributor

тАО01-11-2006 04:46 PM

тАО01-11-2006 04:46 PM

Re: Port Sniffer for HPUX..

Thanks a Lot friends.
Closed...
You need to know a lot to actually know how little you know
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.