Vulnerability Development mailing list archives
A different type of sniffer: Hafiye
From: Kullanici Tarum <tarumnabalab () enderunix org>
Date: Wed, 12 Jun 2002 22:51:45 +0300 (EEST)
Hi guys, If you looked at the source code for various sniffers, you'll notice that they all have seperate dedicated .C files for interpreting different protocols. Why not have a sniffer who can understand and interpret user supplied protocol details: ? Here is one: hafiye. Before starting sniffing, hafiye first loads the knowledge-base files the user has written and forms a knowledge-base for itself. Hafiye interprets incoming traffic according to this knowledge-base. If it did interest you and you want a test drive, here is the tarball url: http://www.enderunix.org/hafiye/hafiye-1.0.tar.gz PS. This is the very initial release, and I'm sure there are lots of ideas that can be developed on top of this model. Any ideas are welcome. Shameless self promotion: ;-P a security related job in Istanbul/Turkey.
Current thread:
- A different type of sniffer: Hafiye Kullanici Tarum (Jun 12)