Slashdot Mirror


A Network Sniffer On Steroids

QuantumCrypto writes "Errata has developed a new network sniffer, dubbed 'Ferret,' that looks for traffic using 25 protocols, including those for the popular instant message clients as well as DHCP, SNMP, DNS and HTTP. This means the sniffer will capture requests for network addresses, network management tools, Web site queries, Web traffic and more. 'You don't realize how much you're making public, so I wrote a tool that tells you,' said Robert Graham, Errata's chief executive. Errata has released the source code to this version 1.0, 'feature-poor and buggy' tool on its site. Anyone with a wireless card will be able to run it, Graham said."

9 of 129 comments

  1. Wireshark? by Hackeron · · Score: 5, Interesting

    How is this different to say wireshark or any other traffic analyzer?

    1. Re:Wireshark? by $RANDOMLUSER · · Score: 5, Funny

      How is this different to say wireshark or any other traffic analyzer?
      Duh. It's on steroids.
      --
      No folly is more costly than the folly of intolerant idealism. - Winston Churchill
    2. Re:Wireshark? by Hackeron · · Score: 5, Informative

      After reading their presentation and other material, here's how it's different to wireshark -- the packet analyzer part is just one of its features:

      1) It can respond to various requests like DHCP requests (so it's like a lightweight collection of servers?)
      2) It has a port scanner to show running services (like nmap)
      3) It has kismet/NetStumbler functionality to break into wireless access points
      4) They go on and on about it not looking at data leakage but intentional data like startup programs querying servers, etc -- After 6-7 pages of explaining this I still don't see the difference...

      At the end of the day, this looks like wireshark+nmap+kismet tied together made for the intent of tracking desired actions like buying new hardware in a firm

      So looks like move along, nothing to see here to me, but I get the steroid bit now

  2. Re:Broadcom cards? by Kadin2048 · · Score: 5, Insightful

    Broadcom chipsets are absolute and utter crap. DO NOT USE THEM.

    The problem is that you could toss out your crappy, but admittedly working, Broadcom-based card, and inadvertently pick up a Marvell one instead, or one of the newer ones that have some sort of proprietary binary blob firmware that gets loaded by the driver, and will probably never, ever have legitimate Linux drivers.

    If you have a wireless card that actually works on Linux, here's a piece of advice: get on your knees and thank the deity of your choice for smiling on you, and not leading you astray into the Purgatory of identical-model-number-but-different-chipsets, or the Hell of alpha-quality drivers. And then, don't mess with anything.

    And if you got AES working, sacrifice a goat.

    --
    "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
  3. I've seen this before by ciaran.mchale · · Score: 5, Funny
    A Network Sniffer On Steroids.

    I've seen this before. It starts off with steroids, but pretty soon the network sniffer moves on to crack cocaine. A short while later, he takes a job as a fluffer in midget porn movies to feed his habit.

  4. Re:Broadcom cards? by caluml · · Score: 5, Insightful

    If you have a wireless card that actually works on Linux,

    Just check what card it is before you buy, and don't buy any that don't have Open Source, native Linux support. It's what I do. Cisco, Orinoco, the new Intel IPW drivers.
    If you buy something that doesn't work, don't cry when it doesn't work.

  5. Wow! 25 protocols? by A+Guy+From+Ottawa · · Score: 5, Funny

    Incredible... they support 25 protocols!!!

    And to think I used to use Wireshark/libpcap which is open source, available on almost every platform, is not buggy, and supports hundreds of protocols. It even has a graphical user interface.

    But I think these guys are really on to something...

    --

    using System.Awesome;

  6. OT: Linux compatible, and tasty, too? by Anonymous Coward · · Score: 5, Funny
    I just went over to Amazon to check the prices on some of those cards, and this completely made my day. (Look at the "Technical Details")

    Proxim 8482-FC ORiNOCO Wireless 11a/b/g PCI Card, $82.27

    Technical Details

            * One 6.5-ounce package
            * Made with enriched wheat flour and natural vanilla flavoring
            * 100% cholesterol free and sweetened with sorbitol
            * America's number one brand of sugar-free cookies
            * Creme-filled, vanilla cookies perfect for low-carb diets
    Do you think they're RoHS-compliant, too?
  7. Not on steroids, not for linux. by WK2 · · Score: 5, Funny

    They include the source code, and say that it "should" compile in linux. However, it uses many Windows-specific variable types. This code will not be cross compatible without a major overhaul.

    This program is not ethereal on steroids. It's more like ethereal and kismet got drunk, had sex, and had a retarded baby, which they named ferret.

    --
    Write your own Choose Your Own Adventure. http://www.freegameengines.org/gamebook-engine/