|
4/3 |
2005/2/17 [Computer/Networking] UID:36212 Activity:nil |
2/17 IP/UDP question. How do packet sniffers work? The OS takes care of low level ethernet card stuff and filters out UDP/TCP before they even redirect those packets to applications, so how do sniffers by-pass this mechanism? I'm asking because I'd like to write a sniffer in Java and I'm not even sure if Java can specify low level ethernet frame details and by-pass the filtering/classification process. ok thx. \_ In unix you put a card into promiscuous mode (look at how tcpdump does it.) Unter Windows look into NDIS--it only allows "raw" access to the if for some drivers/hardware. This is why there are no good passive wifi scanners under Windows (correct me if I'm wrong, please.) -John |
4/3 |
|