On Tue, 14 May 1996, Doug Hughes wrote: > In light of the recent revival of interest in the TCP SYN probe > that were undetected by conventional daemon means (e.g. klaxon), > I wrote a promiscuous network monitor that runs as a packet filter > and will catch any packet on the network that matches services > that are given to the program as command line arguments. So far > it runs on SunOS4.1.X (NIT) and Solaris2.X(DLPI). Individuals > interested in running it on other architectures would need to > do some porting. The DLPI code should be portable to other DLPI > implementations. On SunOS and Solaris all you have to do is type > Make. The README explains options, history, and implementation. > > This is a good idea. I have also written a similar tool, although mine logs all syn packets. It uses the libpcap interface. Should compile under linux, freebsd, irix, sunos, solaris, etc. It is available at http://www.saturn.net/~brian/files/clog-001.tar.gz (libpcap is not included with the distribution). Brian Mitchell brian@saturn.net Public key available http://www.saturn.net/~brian/pubkey "I never give them hell. I just tell the truth and they think it's hell" - H. Truman