Reverse Engineering/Packet Sniffers

From Wikibooks, the open-content textbooks collection


Packet sniffers are tools that read all traffic available on the line, not just the traffic addressed to the computer they run on. They can be very useful for identifying traffic on the local network.

Wireshark

One of the most popular packet sniffers and analysers is the open source software package Wireshark (formerly Ethereal).

French Cafe technique

The "French Cafe technique" (Tridgell 2003) is a technique for reverse-engineering a network protocol. It involves setting up two computers to talk to each other using that protocol on a relatively "clean" network, watching the conversation with a packet sniffer, and puzzling out the chain of events: keyboard input, packet(s) sent, packet(s) in reply.
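
The comparison step of this technique can be sketched in code. The following is an added example, not part of the original page: it pairs each client request with the server reply and shows which byte offsets change when the same action is captured twice. The toy protocol, the capture contents and all function names are constructed for illustration.

```python
from itertools import groupby

# Constructed captures of a hypothetical toy protocol: the same user action
# (typing "ls") recorded twice between two hosts on a quiet network.
# Each record is (direction, payload): "C" = client to server, "S" = server reply.
CAPTURE_A = [
    ("C", bytes.fromhex("a1000102") + b"ls"),
    ("S", bytes.fromhex("a1800105") + b"a.txt"),
    ("C", bytes.fromhex("a1000200")),
    ("S", bytes.fromhex("a1800200")),
]
CAPTURE_B = [
    ("C", bytes.fromhex("a1000702") + b"ls"),
    ("S", bytes.fromhex("a1800705") + b"b.txt"),
    ("C", bytes.fromhex("a1000800")),
    ("S", bytes.fromhex("a1800800")),
]

def pair_exchanges(capture):
    """Group packets into (request, reply) pairs, merging same-direction runs."""
    exchanges = []
    for direction, group in groupby(capture, key=lambda rec: rec[0]):
        data = b"".join(payload for _, payload in group)
        if direction == "C":
            exchanges.append([data, b""])
        elif exchanges:
            exchanges[-1][1] = data
        else:
            exchanges.append([b"", data])  # server spoke first, e.g. a banner
    return [tuple(e) for e in exchanges]

def varying_offsets(samples):
    """Byte offsets whose value differs between captures of the same step."""
    length = min(len(s) for s in samples)
    return [i for i in range(length) if len({s[i] for s in samples}) > 1]

def compare_captures(*captures):
    """For each exchange, report which request and reply offsets changed."""
    paired = [pair_exchanges(c) for c in captures]
    return [
        {"request": varying_offsets([ex[0] for ex in step]),
         "reply": varying_offsets([ex[1] for ex in step])}
        for step in zip(*paired)
    ]

if __name__ == "__main__":
    for n, row in enumerate(compare_captures(CAPTURE_A, CAPTURE_B)):
        print(f"exchange {n}: {row}")
```

In the constructed data, offset 2 varies in every request and is echoed in the matching reply, which is the pattern a sequence or transaction number would produce, while reply offset 4 varies because it is part of the returned file name.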
