The World of OpenWrt: Raspberry Pi 3B [Router] Moving the Stars and Turning the Dipper (4.5) Scapy 3: IP/TCP, Send, Capture, Receive

If it is said that

tcpdump

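tcpdump is a sniffing tool that runs on the command line. It allows the user to intercept and display TCP/IP and other packets being sent or received over a network connection to that computer. tcpdump is free software released under the BSD license.[2]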

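tcpdump works on most Unix-like operating systems, including Linux, Solaris, BSD, Mac OS X, HP-UX, AIX, and others. On these systems, tcpdump needs the libpcap library to capture data. Its Windows version is called WinDump; it requires the WinPcap driver, which is the equivalent of libpcap on the Linux platform.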

 

with the single word "capture"

pcap

In the field of computer network administration, pcap (packet capture) consists of an application programming interface (API) for capturing network traffic. Unix-like systems implement pcap in the libpcap library; Windows uses a port of libpcap known as WinPcap.

Monitoring software may use libpcap and/or WinPcap to capture packets travelling over a network and, in newer versions, to transmit packets on a network at the link layer, as well as to get a list of network interfaces for possible use with libpcap or WinPcap.

The pcap API is written in C, so other languages such as Java, .NET languages, and scripting languages generally use a wrapper; no such wrappers are provided by libpcap or WinPcap itself. C++ programs may link directly to the C API or use an object-oriented wrapper.

Features

libpcap and WinPcap provide the packet-capture and filtering engines of many open source and commercial network tools, including protocol analyzers (packet sniffers), network monitors, network intrusion detection systems, traffic-generators and network-testers.

libpcap and WinPcap also support saving captured packets to a file, and reading files containing saved packets; applications can be written, using libpcap or WinPcap, to be able to capture network traffic and analyze it, or to read a saved capture and analyze it, using the same analysis code. A capture file saved in the format that libpcap and WinPcap use can be read by applications that understand that format, such as tcpdump, Wireshark, CA NetMaster, or Microsoft Network Monitor 3.x.

The MIME type for the file format created and read by libpcap and WinPcap is application/vnd.tcpdump.pcap. The typical file extension is .pcap, although .cap and .dmp are also in common use.[4]

History

libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.[5] It is now developed by the same tcpdump.org group that develops tcpdump.[6]

 

opened up the whole world!

then does Scapy, by adding the two-word mantra of "send" and "receive", train one to become a "master thief"?
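
The pcap excerpt above notes that one saved-capture format is shared by tcpdump, Wireshark and other readers. As an added example (not code from the original post or from libpcap), the block below writes and parses that classic pcap file layout in pure Python and bounds every length field before use; `write_pcap`, `read_pcap` and the sample frame are names and data constructed for illustration.

```python
import struct

# Classic pcap magic numbers -> timestamp fraction units per second.
MAGICS = {0xA1B2C3D4: 1_000_000, 0xA1B23C4D: 1_000_000_000}

def write_pcap(packets, linktype=1, snaplen=65535, order="<"):
    """Serialize (ts_sec, ts_usec, frame) tuples as a classic pcap byte string."""
    out = [struct.pack(order + "IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, linktype)]
    for sec, usec, frame in packets:
        kept = frame[:snaplen]  # frames longer than snaplen are stored truncated
        out.append(struct.pack(order + "IIII", sec, usec, len(kept), len(frame)) + kept)
    return b"".join(out)

def read_pcap(data):
    """Parse pcap bytes; return (linktype, [(timestamp, orig_len, frame), ...])."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte file header")
    for order in ("<", ">"):  # the magic number reveals the writer's byte order
        magic = struct.unpack(order + "I", data[:4])[0]
        if magic in MAGICS:
            break
    else:
        raise ValueError("not a classic pcap file")
    snaplen, linktype = struct.unpack(order + "II", data[16:24])
    records, pos = [], 24
    while pos < len(data):
        if pos + 16 > len(data):
            raise ValueError(f"truncated record header at offset {pos}")
        sec, frac, incl, orig = struct.unpack(order + "IIII", data[pos:pos + 16])
        # Lengths come from the file, so bound them before slicing (a strict
        # policy chosen for this example).
        if incl > snaplen or incl > orig or pos + 16 + incl > len(data):
            raise ValueError(f"bad record length at offset {pos}")
        frame = data[pos + 16:pos + 16 + incl]
        records.append((sec + frac / MAGICS[magic], orig, frame))
        pos += 16 + incl
    return linktype, records

# Constructed sample: a 54-byte Ethernet/IPv4/TCP SYN frame (checksums left zero).
SAMPLE_FRAME = bytes.fromhex(
    "020000000002" "020000000001" "0800"          # dst MAC, src MAC, IPv4
    "450000280001000040060000c0000201c0000202"    # 192.0.2.1 -> 192.0.2.2, TCP
    "04d20050000000000000000050022000" "00000000")  # port 1234 -> 80, SYN
SAMPLE_PCAP = write_pcap([(1500000000, 250000, SAMPLE_FRAME)])

if __name__ == "__main__":
    linktype, records = read_pcap(SAMPLE_PCAP)
    for ts, orig_len, frame in records:
        print(f"linktype={linktype} ts={ts} len={orig_len} head={frame[:14].hex()}")
```

Bytes produced by `write_pcap` and saved with a `.pcap` extension follow the same layout the excerpt describes, so the parser can be compared against a tcpdump or Wireshark reading of the same file.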