 |
Author |
Topic: real time packet sniffing (Read 5598 times) |
|
grumo
 
|
real time packet sniffing
« on: Jan 21st, 2003, 1:41am » |
|
i wonder if is possible to do IP packet sniffing in proce55ing -or java. i want to do an IP packet real time graphical representation -maybe with some kind of little automatas-. how can i read this stream? any ideas for reading any feed of actual internet/network data -at real time-?
best regards,
/David
http://www.gramagrass.org/grumo/
|
| « Last Edit: Sep 13th, 2003, 1:30am by grumo » |
|
|
|
|
Martin
   
|
Re: real time packet sniffing
« Reply #2 on: Jan 22nd, 2003, 1:45pm » |
|
carnivore has three things to make it run: winpcap, carnivorepe, and a client. carnivore relies heavily on winpcap (http://winpcap.polito.it/). winpcap is the one that does the dump magic.
should you want more info about packet sniffing, http://www.robertgraham.com/pubs/sniffing-faq.html provides good information.
side note: reading the contents of the packets is another story. this is a crime as people have the right to privacy. 
---
addenum: this is from alex, the creator of carnivore...
Quote:Yes, the first Carnivore prototype was just a Perl wrapper for tcpdump.
the newer CarnivorePE relies on the basic packet-sniffing functionality
provided by the winpcap and libpcap libraries (most if not all sniffers
like tcpdump use these same libraries). so in that sense the back-end
functionality of CarnivorePE is just like tcpdump. but then we have
coupled it with a server which can stream the captured packets out to
multiple recipients. here is a list of all the features of CarnivorePE:
+ artist-made diagnosic clients
+ remote access
+ full subject targetting
+ full data targetting
+ volume buffering
+ transport protocol filtering
+ open source software license
in addition the new version 1.4 will have improved adaptor support (for
wi-fi) and will run as a native GUI application in mac OSX and Windows.
if you want more info, the whole history of Carnivore is at
http://rhizome.org/carnivore/How_We_Made_Our_Own_Carnivore.txt |
|
|
| « Last Edit: Jan 22nd, 2003, 5:05pm by Martin » |
|
|
|
|
Martin
|
Re: real time packet sniffing
« Reply #3 on: Jan 22nd, 2003, 5:20pm » |
|
dnt really want to turn this into a carnivore forum but i felt that this is a pretty good reply...
from john, a carnivore dev team member
Quote:in a sense, to any given technologist of an arbitrary expertise level,
any "lesser" technology can appear to be a whole lot of nothing, but
making the access to a datastream simpler, enabling a wider public to
use data, is never "a whole lot of nothing."
carnivore, in terms of the underlying tech, is not terribly impressive.
but that is not what good art makes. what makes carnivore interesting is
that it is greater than the sum of its parts. its an organic and
open-ended collaboration, working around a particularly salient theme,
with a particularly strong public relations campaign behind it. not
only does carnivore enable easy access to a tcp sniff, it aggresively
promotes those artist who contribute clients, so it's a social as well
as a technological enablement. i like this.
though my contribution to rsg involved some initial carnivorePE code
(mostly getting alex up and running with VB), i have yet to make a
client. the only "problem" i see with carnivore as an artwork is how one
creates something that addresses the underlying context in a meaningful
way. if the context is not directly addressed, the underlying datastream
might as well be, as christiane paul put it so succinctly, "my
grandmother's recipe book." i'm a little more lenient than that, feeling
that the simple knowledge of where the data is coming from adds to the
experience of a visualization -- surveillance data simply *is* more
interesting than chocolate chip cookies. none the less, i do feel that
for carnivore to achieve its potential, artists need to make clients
that directly deal with security/surveillance/privacy issues. that the
tech is not rocket science does not matter in the least. |
|
as for me, i'm learning, i'm having fun and i could share what i know to people around me, which just might make this world a better place. perhaps that's what i love in computational media design.
|
|
|
|
|
benelek
|
Re: real time packet sniffing
« Reply #4 on: Jan 23rd, 2003, 3:00pm » |
|
oooh, now THIS is sounding interesting. next on my list of things to become involved in 
|
|
|
|
|
REAS
|
Re: real time packet sniffing
« Reply #5 on: Jan 23rd, 2003, 4:53pm » |
|
I think that John the Carnivore developer (as quoted by Martin ) makes some very good points. In many senses, I feel that the Proce55ing project is very similar. We're not developing any fundamental new technologies or discovering new algorithms, but rather we are combining many disparate pieces into one system that makes approaching programming and media art more accessible for some people. Like Carnivore, our contribution is in communication and structure, rather than technology.
|
|
|
|
|
RSG
|
Re: real time packet sniffing
« Reply #6 on: Nov 30th, 2004, 1:09am » |
|
i know this is an old thread.. but just wanted to report that you can download sample code for connecting to CarnivorePE from Processing at http://rhizome.org/carnivore/
i haven't done anything complex with this code, but it seems to work =)
would love to see what people come up with.
(one bug is that it doesn't seem to close the socket to carnivore when you quit the applet, so you will have to quit/restart Processing from time to time to force a reset. if anyone knows how to fix this, let me know and i'll change the client template code.)
|
|
|
|
|
johndoe5050
|
Re: real time packet sniffing
« Reply #7 on: Feb 25th, 2005, 6:46pm » |
|
I realize I'm kind of late on the scene, but I wanted to respond to Martin who said that packet-sniffing is illegal. Actually, in the United States, any unencrypted information that is transmitted over the airwaves is fair game and legally readable by anyone.
|
|
|
|
|
Martin
|
Re: real time packet sniffing
« Reply #8 on: Feb 27th, 2005, 10:49am » |
|
ah ok. i'm not aware of u.s. laws as i'm on the other side of the globe. hehe
|
|
|
|
|
manbehindcurtain
|
Re: real time packet sniffing
« Reply #9 on: Mar 30th, 2005, 11:50pm » |
|
again, not to dredge up an old thread, but most packets aren't pulled from the "airwaves"... they're pulled from the net (wires, generally). Since the law seems to draw a distinction in other cases (even cops need warrants to tap someone's phone) I'm pretty sure there is a distinction here. Something a radio/tv station transmits is fair game for anyone to pick up (probably because it's MEANT to be broadcast to a large, unknown audience), but a private telephone conversation isn't. I'm going to go out on a limb and say packet sniffing is probably illegal.
|
|
|
|
|
|
