
View full version: NetworkMiner for Network Forensics


Fugitif
19.12.2008, 06:48
NetworkMiner is a cool little sniffer app by Erik Hjelmvik. Described as a Network Forensic Analysis Tool (NFAT), it allows you to parse libpcap files or to do a live capture of the network and find out various things passively. The main uses I like it for are file reconstruction of FTP, SMB, HTTP and TFTP streams as well as passive OS fingerprinting, but it can do a lot more. NetworkMiner uses the Satori, p0f and Ettercap OS fingerprints, and can be run from a thumb drive without having to install it. It's designed to run under Windows, but you can also use it under Linux with Wine.


Demo Video (http://www.irongeek.com/i.php?page=videos/networkminer-for-network-forensics)

http://img135.imageshack.us/img135/5271/screenshotxs8.th.jpg (http://img135.imageshack.us/my.php?image=screenshotxs8.jpg)


NetworkMiner Download (http://sourceforge.net/project/showfiles.php?group_id=189429)