
Security Forums


Wireshark(ethereal) & Snort

Tobywuk
Just Arrived


Joined: 09 Oct 2006
Posts: 0



Posted: Mon Feb 26, 2007 2:45 pm    Post subject: Wireshark(ethereal) & Snort

Hello,

What is the difference between Wireshark and Snort, and what can each be used for? I have been fiddling with both and they seem to both do the same thing. The only difference I can find is that Snort is command line where Wireshark has a GUI.


Is it possible to send an ACK packet in reply to a SYN-ACK with Wireshark to hijack a connection, or is another program needed?
v
Just Arrived


Joined: 21 Feb 2007
Posts: 0
Location: #openbsd @ irc.freenode.net


Posted: Mon Feb 26, 2007 11:02 pm

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine.

More on Snort:
http://en.wikipedia.org/wiki/Snort_%28software%29


Wireshark (fka Ethereal) is the most widely used network protocol analyzer/packet sniffer in the world. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. A text-based version called ethereal is included. This is the preferred tool of hackers and network admins.

Some more info:
http://en.wikipedia.org/wiki/Wireshark

And a Top 100 Network Security Tools.
All times are GMT + 2 Hours