I've had great success using Net::Pcap, on both, Windows (myself) and Linux (reported by others). It has the great advantage of being able to use/read ethereal capture files, so you are not restricted to live captures only and don't need to cook up your own capture format. You can capture conveniently with ethereal and then analyze with Perl. I wrote Sniffer::HTTP using Net::Pcap.
| [reply] [Watch: Dir/Any] [d/l] [select] |
| [reply] [Watch: Dir/Any] |
Wow. That's exactly what I was looking to do :-) Thanks a CPAN bundle!
| [reply] [Watch: Dir/Any] |
| [reply] [Watch: Dir/Any] |
| [reply] [Watch: Dir/Any] |
I'm just getting back in to perl and wrote a little script with Net::RawIP. I have not compared RawIP to the other modules mentioned, but after I got through what for me was some confusing documentaion and undocumented examples, I was fine and it worked well. I needed the ability to both send and receive IP packets, thus Net::Pcap was not an option.
If your class is about security of communications then I'd strongly suggest that you use RawIP. Much more can be done to manipulate communications and break security if one can introduce as well as observe traffic in Man-in-the-Middle scenarios. Even if that is not what your current assignment would require, you'd already have the experience working with RawIP for when you do need to inject or intercept and rewrite packets. It is probably obvious from my nym that I am working on doing that for SIP and the VoIP systems dependent on it.
If one is trying to use Net::RawIP, the example that is best to follow is the traceroute. I'm not even sure some of the others will work with recent versions of perl. I have a version of traceroute where I made detailed comments on what was supposed to be happening for my own understanding, please ask if you'd like a copy before I get it cleaned up enough to submit to the RawIP author.
Net::RawIP is not supported by Activestate on Windows and will require a C compiler to build. If anyone has built it and can share the binaries, please let me know. I will get to it someday, but if someone can beat me to it, it's one less thing to do.
HTH, Sip Phreak | [reply] [Watch: Dir/Any] |
gri6507,
I would recommend using the Super Search tool and searching for the two modules you are looking at.
Hope this helps.
Martin | [reply] [Watch: Dir/Any] |