|
I can capture only the responses, not the messages, contrary to your screenshot. What is wrong? I hope you respond fast, as time is critical for me. I use your tool in protocol analysis.
Thanks in advance.
|
|
|
|
|
Hi,
Does this code show all the IPs of all computers in a local network?
///////////////////////////////////////////////////////////////////////
// For Win32. Link with wsock32.lib.
#include <winsock.h>
#include <string.h>

int ListLocalAddresses()   // wrapper name added so the fragment compiles
{
    WSAData wsa1;
    if (WSAStartup(MAKEWORD(1, 1), &wsa1) != 0)
        return -1;

    char shostname[255];
    int e = gethostname(shostname, sizeof(shostname));
    if (e != 0) {
        e = WSAGetLastError();
        WSACleanup();
        return -1;
    }

    // Look up the address list registered for this host's own name
    struct hostent *phost = gethostbyname(shostname);
    if (phost == 0) {
        WSACleanup();
        return -1;
    }

    for (int i = 0; phost->h_addr_list[i] != 0; ++i) {
        struct in_addr addr;
        memcpy(&addr, phost->h_addr_list[i], sizeof(struct in_addr));
        // ip address is inet_ntoa(addr)
        char oip[50];
        strcpy(oip, inet_ntoa(addr));
        //m_server.AppendText(oip);
    }

    WSACleanup();
    return 0;
}
////////////////////////////////////////////////////////////////
If the answer is no, what can I do?
When I test some code, it only gives me the IPs of computers that were
configured with Network Setup Wizard.
Please Help me!
Thanks.
|
|
|
|
|
MSDN says:
BOOL GetIpAddress(char *hostname)
{
    WCHAR msg[128];
    HOSTENT *lpHost = NULL;
    struct sockaddr_in dest;

    lpHost = gethostbyname(hostname);
    if (lpHost == NULL)
    {
        wsprintf(msg, L"gethostbyname failed: %d", WSAGetLastError());
        MessageBox(NULL, msg, NULL, MB_OK);
    }
    else
    {
        for (int i = 0; lpHost->h_addr_list[i] != NULL; i++)
        {
            memcpy(&(dest.sin_addr), lpHost->h_addr_list[i],
                   lpHost->h_length);
            wsprintf(msg, L"IP address is: '%S'",
                     inet_ntoa(dest.sin_addr));
            MessageBox(NULL, msg, L"IP Address", MB_OK);
        }
    }
    return 0;
}
|
|
|
|
|
|
|
I am very much interested in writing a packet sniffer myself. As I am a novice in this area, can anybody advise me as to how I should begin and proceed?
s
|
|
|
|
|
Any idea how to make it work in Win98?
Thanks
|
|
|
|
|
You can't do this in 98 using Winsock.
You must use other libraries like WinPcap.
|
|
|
|
|
Hi,
I have downloaded your article and given 5/5. I have understood most of them, but it would be quite good if you can elaborate on the following functions.
bool CSnifferDlg::ParseTCPPacket(const CString& source, const CString& destination, TCP_HDR* pTCPHeader, char* pData, unsigned long len )
and structure
struct Session
{
    unsigned int sourcePort, destPort;
    CString sourceIP, destIP;
    Session* pOtherSide;
    tcp_seq ISN;
    DWORD len;
};
I will be grateful if you can give some links on the content. I am currently working on such a project. I am finding it hard to get information about IP datagrams and other headers. Also, any book on the subject that you can suggest will be helpful.
Thanking you,
Sanjit.
|
|
|
|
|
A conversation between 2 computers must have 2 sessions:
one holds the data that computerA sent and the other one holds the
data which computerB sent. Together they make a conversation.
The IP header contains the source IP address and the destination.
The TCP header contains the port information (source and destination)
and a unique id for each packet.
I connect one session to the other by using the Session pointer (pOtherSide variable).
And of course, each session has its length.
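
The two-sessions-per-conversation bookkeeping described in the reply above, as an added C++ example that is not part of the original post or the article's source. `TrackPacket`, `MakePacket`, `Key` and `g_sessions` are hypothetical names, addresses are kept as integers instead of `CString`, and the sample packets are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <map>
#include <tuple>
#include <vector>

struct Session {                            // fields follow the struct quoted above
    uint32_t sourceIP = 0, destIP = 0;      // host byte order
    uint16_t sourcePort = 0, destPort = 0;
    Session* pOtherSide = nullptr;          // opposite direction, once it has been seen
    uint32_t ISN = 0, len = 0;              // first sequence number seen; payload bytes
};
using Key = std::tuple<uint32_t, uint16_t, uint32_t, uint16_t>;
static std::map<Key, Session> g_sessions;   // std::map nodes keep stable addresses

static uint16_t be16(const uint8_t* p) { return uint16_t(p[0] << 8 | p[1]); }
static uint32_t be32(const uint8_t* p) { return uint32_t(be16(p)) << 16 | be16(p + 2); }

// Account one raw IPv4 packet to its session; nullptr if truncated, malformed or not TCP.
Session* TrackPacket(const uint8_t* pkt, size_t n) {
    if (n < 20 || (pkt[0] >> 4) != 4 || pkt[9] != 6) return nullptr;
    size_t ihl = (pkt[0] & 0x0F) * 4u, total = be16(pkt + 2);
    if (ihl < 20 || total > n || total < ihl + 20) return nullptr;
    const uint8_t* tcp = pkt + ihl;
    size_t doff = (tcp[12] >> 4) * 4u;      // TCP header length including options
    if (doff < 20 || ihl + doff > total) return nullptr;
    Key k{be32(pkt + 12), be16(tcp), be32(pkt + 16), be16(tcp + 2)};
    auto r = g_sessions.insert(std::make_pair(k, Session()));
    Session& s = r.first->second;
    if (r.second) {                         // first packet seen in this direction
        std::tie(s.sourceIP, s.sourcePort, s.destIP, s.destPort) = k;
        s.ISN = be32(tcp + 4);
        auto rev = g_sessions.find(Key{s.destIP, s.destPort, s.sourceIP, s.sourcePort});
        if (rev != g_sessions.end()) { s.pOtherSide = &rev->second; rev->second.pOtherSide = &s; }
    }
    s.len += uint32_t(total - ihl - doff);  // payload = total - IP header - TCP header
    return &s;
}

// Constructed sample input: minimal IPv4+TCP packet, no options, checksums left zero.
std::vector<uint8_t> MakePacket(uint32_t src, uint16_t sp, uint32_t dst, uint16_t dp,
                                uint32_t seq, uint16_t payload) {
    std::vector<uint8_t> p(40u + payload);
    auto put = [&p](size_t o, uint32_t v, int n) { while (n--) p[o++] = uint8_t(v >> (8 * n)); };
    p[0] = 0x45; p[9] = 6; p[32] = 0x50; put(2, 40u + payload, 2);
    put(12, src, 4); put(16, dst, 4); put(20, sp, 2); put(22, dp, 2); put(24, seq, 4);
    return p;
}
```

Feeding one packet in each direction of the same connection yields two `Session` objects whose `pOtherSide` pointers refer to each other; the length checks reject truncated captures before any header field is read.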
|
|
|
|
|
You placed your article under the C++/MFC folder, however it seems that your project is developed under .NET. Since I don't have .NET studio installed, is it possible to get the C++/MFC version of the project? Also, if I'm right, and your project is .NET, I would suggest reconsidering the project location on the server.
|
|
|
|
|
Do not copy the project as a whole but copy the files needed instead.
|
|
|
|
|
I know this site is an MS-focused website, but... isn't it better to use UNIX-like calls, such as socket(), recv(), ...? These seem to be faster and have a LOT less overhead. Run the tool through a debugger and you'll see.
Plus, the program seems to freeze, as a while() loop will use 99% of your CPU. Can working with threads get rid of this?
Thanks,
Michael
"live life one cpu cycle at a time".
|
|
|
|
|
No, threads won't help you. You must do a recv all the time; there are no other notifications you can get. You must do that yourself.
|
|
|
|
|
Oops, thought you were using no threads at all... but you are.
My bad.
"live life one cpu cycle at a time".
|
|
|
|
|
I think it is better to use threads. When I find some time, I would like to rewrite your software and article with you, if you don't mind.
Really, you are a genius.
-----------------------------
"I Think It Will Help"
-----------------------------
Alok Gupta
visit me at http://www.thisisalok.tk
|
|
|
|
|
|
So I got your permission to rewrite the whole article and software with you.
Are you ready for that?
-----------------------------
"I Think It Will Help"
-----------------------------
Alok Gupta
visit me at http://www.thisisalok.tk
|
|
|
|
|
You can do anything you want.
Good luck.
|
|
|
|
|
Actually threads will help you.
One generally puts a network listener in its own worker thread and updates the UI (which is in the primary process thread or in its own UI worker thread) via some form of IPC.
Otherwise the app, as is the case with yours, appears hung. Outlook is a classic app which seems dead when communicating to/fro Exchange server.
paul.
|
|
|
|
|
In a while loop, just put a Sleep(1); CPU use will be 0 or 1.
shotgun
|
|
|
|
|
You have a very nice screen shot, a succinct "Introduction", but I can't seem to find the rest of the article.
It would be cool to know how you were able to sniff out the packets without digging thru your source to find out.
[ Jason De Arte | Toy Maker | 1001010.com ]
|
|
|
|
|
You are right, I'll add some explanations when I get the chance.
|
|
|
|
|
Thanks,
You are right.
I will do that, hopefully soon.
When I do, I'll put it here
Sniffer
I'll let you know through this message board.
Eran Aharonovich (eran.aharonovich@gmail.com )
Noviway
|
|
|
|
|
RE
One disturbingly powerful aspect of packet sniffers is their ability to place the hosting machine's network adapter into "promiscuous mode." Network adapters running in promiscuous mode receive not only the data directed to the machine hosting the sniffing software, but also ALL of the traffic on the physically connected local network.
Not if your network card is connected to a switch, as all traffic is only for that network card.
|
|
|
|