SANS ISC: Packet tools SANS ISC InfoSec Forums

Packet tools
There are times in my work, both here for the Internet Storm Center and at the day job, when I need to either capture, generate, or replay IP (generally IPv4, but more and more IPv6) packets.  Over the years, I've found a number of tools to assist in the process.  I just discovered a new (to me) one (scapy, it has apparently been around for a year or two, but I just started playing with it in the last week), so I figured I'd ask our readers for suggestions.  What are your favorites?  Post your suggestions to the contact page and I'll summarize next week.  No need to mention the ones listed below.

* nmap
* ethereal/wireshark
* tcpdump
* hping2
* p0f
* snort
* tcpreplay
* tcptraceroute
* ngrep

Jim

May 4th 2007
