|
Wireshark
Wireshark is a Free and open-source software, free and open-source packet analyzer. It is used for computer network, network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues. Wireshark is cross-platform, using the Qt (software), Qt widget toolkit in current releases to implement its user interface, and using pcap to capture packets; it runs on Linux, macOS, BSD, Solaris (operating system), Solaris, some other Unix-like operating systems, and Microsoft Windows. There is also a terminal-based (non-GUI) version called TShark. Wireshark, and the other programs distributed with it such as TShark, are free software, released under the terms of the GNU General Public License version 2 or any later version. Functionality Wireshark is very similar to tcpdump, but has a Graphical user interface, graphical front-end and back-end, front-end and integ ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Qt (software)
Qt ( pronounced "cute") is a cross-platform application development framework for creating graphical user interfaces as well as Cross-platform software, cross-platform applications that run on various software and hardware platforms such as Linux, Windows, macOS, Android (operating system), Android or embedded systems with little or no change in the underlying codebase while still being a native application with native capabilities and speed. Qt is currently being developed by The Qt Company, a publicly listed company, and the Qt Project under open-source governance, involving individual developers and organizations working to advance Qt. Qt is available under both commercial licenses and open-source GNU General Public License, GPL 2.0, GPL 3.0, and GNU Lesser General Public License, LGPL 3.0 licenses. Purposes and abilities Qt is used for developing graphical user interfaces (GUIs) and multi-platform application software, applications that run on all major Desktop computer ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
MAC Address
A MAC address (short for medium access control address or media access control address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. This use is common in most IEEE 802 networking technologies, including Ethernet, Wi-Fi, and Bluetooth. Within the Open Systems Interconnection (OSI) network model, MAC addresses are used in the medium access control protocol sublayer of the data link layer. As typically represented, MAC addresses are recognizable as six groups of two hexadecimal digits, separated by hyphens, colons, or without a separator. MAC addresses are primarily assigned by device manufacturers, and are therefore often referred to as the burned-in address, or as an Ethernet hardware address, hardware address, or physical address. Each address can be stored in the interface hardware, such as its read-only memory, or by a firmware mechanism. Many network interfaces, however, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Tcpdump
tcpdump is a data-network packet analyzer computer program that runs under a command line interface. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license, tcpdump is free software. Tcpdump works on most Unix-like operating systems: Linux, Solaris, FreeBSD, DragonFly BSD, NetBSD, OpenBSD, OpenWrt, macOS, HP-UX 11i, and AIX. In those systems, tcpdump uses the libpcap library to capture packets. The port of tcpdump for Windows is called WinDump; it uses WinPcap, the Windows version of libpcap. History tcpdump was originally written in 1988 by Van Jacobson, Sally Floyd, Vern Paxson and Steven McCanne who were, at the time, working in the Lawrence Berkeley Laboratory Network Research Group. By the late 1990s there were numerous versions of tcpdump distributed as part of various operating systems, and numerous patches that were not well coordinat ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pcap
In the field of computer network administration, pcap is an application programming interface (API) for capturing network traffic. While the name is an abbreviation of ''packet capture'', that is not the API's proper name. Unix-like systems implement pcap in the ''libpcap'' library; for Windows, there is a port of libpcap named ''WinPcap'' that is no longer supported or developed, and a port named ''Npcap'' for Windows 7 and later that is still supported. Monitoring software may use libpcap, WinPcap, or Npcap to capture network packets traveling over a computer network and, in newer versions, to transmit packets on a network at the link layer, and to get a list of network interfaces for possible use with libpcap, WinPcap, or Npcap. The pcap API is written in C, so other languages such as Java, .NET languages, and scripting languages generally use a wrapper; no such wrappers are provided by libpcap or WinPcap itself. C++ programs may link directly to the C API or make use ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
TZSP
TaZmen Sniffer Protocol (TZSP) is an encapsulation protocol used to wrap other protocols. It is commonly used to wrap 802.11 wireless packets to support Intrusion Detection Systems (IDS), wireless tracking, or other wireless applications. Protocol Summary A number of 802.11 sensors and Access Points use the TZSP protocol for packet capture. It is an open protocol that was designed to encapsulate other protocols over UDP. The primary use for this protocol has been the capture of wireless traffic and transmission of them over a wired network. Protocol Header The protocol specified three parts to each TZSP packet: A 4-byte header followed by one or more tagged fields, the last of which has to be the TAG_END(0x01), and finally the encapsulated data. The header and tagged fields use big-endian ordering where appropriate. Version The TZSP version should always be set to 1 (0x01). Type 0 (0x00) Received tag list 1 (0x01) Packet for transmit 2 (0x02) Reserved 3 (0x03) Co ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Free And Open-source Software
Free and open-source software (FOSS) is software available under a license that grants users the right to use, modify, and distribute the software modified or not to everyone free of charge. FOSS is an inclusive umbrella term encompassing free software and open-source software. The rights guaranteed by FOSS originate from the "Four Essential Freedoms" of '' The Free Software Definition'' and the criteria of '' The Open Source Definition''. All FOSS can have publicly available source code, but not all source-available software is FOSS. FOSS is the opposite of proprietary software, which is licensed restrictively or has undisclosed source code. The historical precursor to FOSS was the hobbyist and academic public domain software ecosystem of the 1960s to 1980s. Free and open-source operating systems such as Linux distributions and descendants of BSD are widely used, powering millions of servers, desktops, smartphones, and other devices. Free-software licenses and open-so ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Lua (programming Language)
Lua is a lightweight, high-level, multi-paradigm programming language designed mainly for embedded use in applications. Lua is cross-platform software, since the interpreter of compiled bytecode is written in ANSI C, and Lua has a relatively simple C application programming interface ( API) to embed it into applications. Lua originated in 1993 as a language for extending software applications to meet the increasing demand for customization at the time. It provided the basic facilities of most procedural programming languages, but more complicated or domain-specific features were not included; rather, it included mechanisms for extending the language, allowing programmers to implement such features. As Lua was intended to be a general embeddable extension language, the designers of Lua focused on improving its speed, portability, extensibility and ease-of-use in development. History Lua was created in 1993 by Roberto Ierusalimschy, Luiz Henrique de Figueiredo and Wa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Monitor Mode
Monitor mode, or RFMON (Radio Frequency MONitor) mode, allows a computer with a wireless network interface controller (WNIC) to monitor all traffic received on a wireless channel. Unlike promiscuous mode, which is also used for packet sniffing, monitor mode allows packets to be captured without having to associate with an access point or ad hoc network first. Monitor mode only applies to wireless networks, while promiscuous mode can be used on both wired and wireless networks. Monitor mode is one of the eight modes that 802.11 wireless adapter can operate in: Master (acting as an access point), Managed (client, also known as station), Ad hoc, Repeater, Mesh, Wi-Fi Direct, TDLS and Monitor mode. Uses Uses for monitor mode include: geographical packet analysis, observing of widespread traffic and acquiring knowledge of Wi-Fi technology through hands-on experience. It is especially useful for auditing unsecure channels (such as those protected with WEP). Monitor mode can ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Wireless Network Interface Controller
Wireless communication (or just wireless, when the context allows) is the transfer of information (''telecommunication'') between two or more points without the use of an electrical conductor, optical fiber or other continuous guided medium for the transfer. The most common wireless technologies use radio waves. With radio waves, intended distances can be short, such as a few meters for Bluetooth, or as far as millions of kilometers for deep-space radio communications. It encompasses various types of fixed, mobile, and portable applications, including two-way radios, cellular telephones, personal digital assistants (PDAs), and wireless networking. Other examples of applications of radio ''wireless technology'' include GPS units, garage door openers, wireless computer mouse, keyboards and headsets, headphones, radio receivers, satellite television, broadcast television and cordless telephones. Somewhat less common methods of achieving wireless communications involv ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Network Tap
A network tap is a system that monitors events on a local network. A tap is typically a dedicated hardware device, which provides a way to access the data flowing across a computer network. The network tap has (at least) three ports: an ''A port'', a ''B port'', and a ''monitor'' port. A tap inserted between A and B passes all traffic (send and receive data streams) through unimpeded in real time, but also copies that same data to its monitor port, enabling a third party to listen. Network taps are commonly used for network intrusion detection systems, VoIP recording, network probes, RMON probes, packet sniffers, and other monitoring and collection devices and software that require access to a network segment. Taps are used in security applications because they are non-obtrusive, are not detectable on the network (having no physical or logical address), can deal with full-duplex and non-shared networks, and will usually ''pass through'' or ''bypass'' traffic even if the tap stops ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Port Mirroring
Port mirroring is used on a network switch to send a copy of network packets seen on one switch port (or an entire VLAN) to a network monitoring connection on another switch port. This is commonly used for network appliances that require monitoring of network traffic such as an intrusion detection system, passive probe or real user monitoring (RUM) technology that is used to support application performance management (APM). Port mirroring on a Cisco Systems switch is generally referred to as ''Switched Port Analyzer'' (SPAN) or ''Remote Switched Port Analyzer'' (RSPAN). Other vendors have different names for it, such as ''Roving Analysis Port'' (RAP) on 3Com switches. Network engineers or administrators use port mirroring to analyze and debug data or diagnose errors on a network. It helps administrators keep a close eye on network performance and alerts them when problems occur. It can be used to mirror either inbound or outbound traffic (or both) on single or multiple inter ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
