pcapdiff and Detecting Packet Injection and Spoofing


Here is a nice app, plus a link to a guide on analyzing your traffic for tampering.

pcapdiff

Pcapdiff is a tool developed by the EFF to compare two packet captures and identify potentially forged, dropped, or mangled packets. Two technically-inclined friends can set up packet captures (e.g. tcpdump or Wireshark) on their own computers and produce network traffic between their two computers over the Internet. Later, they can run pcapdiff on the two packet capture files to identify suspicious packets for further investigation. See Detecting packet injection: a guide to observing packet spoofing by ISPs and EFF's Test Your ISP Project for more background.
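The comparison described above, sketched as an added example: this is not pcapdiff's code or its actual matching algorithm. It assumes packets are matched by a hash taken with the TTL and IP header checksum zeroed, and the helper names (`make_ipv4`, `fingerprint`, `diff_captures`) and the sample packets are constructed for illustration.

```python
import hashlib
import struct
from collections import Counter

def make_ipv4(src, dst, ip_id, ttl, payload):
    """Build a minimal IPv4 packet (protocol 6) for the constructed sample data."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ip_id,
                         0, ttl, 6, 0, bytes(src), bytes(dst))
    return header + payload

def fingerprint(packet):
    """Hash a packet with the fields routers legitimately rewrite zeroed out."""
    ihl = (packet[0] & 0x0F) * 4
    header = bytearray(packet[:ihl])
    header[8] = 0                  # TTL drops by one at every hop
    header[10:12] = b"\x00\x00"    # header checksum is recomputed with the TTL
    return hashlib.sha256(bytes(header) + packet[ihl:]).hexdigest()

def ip_id(packet):
    return struct.unpack("!H", packet[4:6])[0]

def unmatched(packets, other):
    """Packets in `packets` with no counterpart in `other` (duplicates counted)."""
    remaining = Counter(fingerprint(p) for p in other)
    out = []
    for p in packets:
        fp = fingerprint(p)
        if remaining[fp] > 0:
            remaining[fp] -= 1
        else:
            out.append(p)
    return out

def diff_captures(sent, received):
    """Classify one direction of traffic captured at both endpoints, by IP ID."""
    missing, extra = unmatched(sent, received), unmatched(received, sent)
    changed = {ip_id(p) for p in missing} & {ip_id(p) for p in extra}
    return {
        "mangled": sorted(changed),
        "dropped": sorted(ip_id(p) for p in missing if ip_id(p) not in changed),
        "injected": sorted(ip_id(p) for p in extra if ip_id(p) not in changed),
    }

# Constructed sample: host A (192.0.2.10) sends four packets to host B (198.51.100.20).
A, B = (192, 0, 2, 10), (198, 51, 100, 20)
SENT = [make_ipv4(A, B, i, 64, b"chunk-%d" % i) for i in (1, 2, 3, 4)]
# B's capture: lower TTLs, packet 2 never arrives, packet 3 has an altered payload,
# and a packet with IP ID 9000 claims to come from A although A never sent it.
RECEIVED = [make_ipv4(A, B, 1, 52, b"chunk-1"), make_ipv4(A, B, 3, 52, b"chunk-X"),
            make_ipv4(A, B, 4, 52, b"chunk-4"), make_ipv4(A, B, 9000, 60, b"unexpected")]
```

A NAT device between the two hosts rewrites addresses, so a real comparison would also have to normalise those before hashing.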



About this Entry

This page contains a single entry by klsh published on November 29, 2007 1:35 PM.
