
rtdump 1.0


Rtdump is a version of tcpdump modified to capture traffic on remote systems and networks
Developer:   S. Krishnan
Price:  0.00
License:   Freeware


Rtdump is a version of tcpdump modified to capture traffic on remote systems and networks. It enables you to run a packet capture program (the server) on a target computer, which will sniff the network traffic on that system and uplink the captured packets to another host (the client), where the captured packets can be processed, analysed and archived. The rpcap system thus consists of two separate processes: the server (or agent), which captures network traffic on a remote system, and a client, which receives and processes these packets. The server code is a standalone executable program which uses the libpcap packet capture library to capture network traffic. The client is actually a library called librpcap, which is linked to a user program and used on the client system in a manner identical to libpcap.

The librpcap client library exposes a subset of the pcap API as defined in the pcap(3) man page. The API is used in a manner identical to that of libpcap, so any program that uses only the libpcap functions present in rpcap can link directly to rpcap in place of pcap. The API functions as a set of pcap-compatible wrapper functions over a Sun RPC interface to the remote server, which invoke the corresponding libpcap functionality on it.

At this time, rpcap has been built and tested only on Linux on Intel platforms. However, it should build on any UNIX-like system that supports multithreading and has the RPC libraries and utilities available, so it should be possible to build it on most systems. Please note however that there are a couple of bugs in the code (all my own!) that currently restrict it to little-endian systems. I will fix this ASAP.


The rtdump executable is just a slightly modified version of tcpdump. The difference is that rtdump links against librpcap rather than libpcap, and so requires some modifications in the initialization stuff. The main difference for end users is in the command line. Rtdump is invoked as follows:

rtdump

The remote host name option is of course the name or IP address of the remote host on which you desire to capture traffic.

For example, supposing you want to capture tcp traffic to your local machine (the client) from a remote machine called, say, fred, on fred's eth1 interface, you should invoke rtdump thus:

rtdump -i eth1 tcp fred

The difference between a normal tcpdump invocation and this invocation is the addition of the remote host name. The capture data is dumped to the current host, i.e. the system on which rtdump has been invoked. By default rtdump uses the default rpcap port values of 21373 tcp and 61373 udp for communication with the server process, apart from the RPC process. If any of these defaults need to be changed, the initialization code in rtdump.c has to be modified accordingly (check the init_rpcap function and the lines preceding it).

All other rtdump operational parameters are identical to tcpdump (it *is* tcpdump with a few minor modifications, after all!), so please check the tcpdump(1) man page for details.

What's New in This Release:
  • Modified tcpdump to link to librpcap and compile as rtdump for remote capture
  • renamed tcpdump.c to rtdump.c
  • added librpcap initialization code to main() in rtdump.c
  • added rpcap client host address routines to main() in rtdump.c
  • added rpcap capture end function to cleanup() in rtdump.c
  • added the str_utils.c and str_utils.h files for parsing client names (called in main() in rtdump.c)

    Download rtdump 1.0


     http://prdownloads.sourceforge.net/rpcap/rtdump-1.0.tar.gz?use_mirror=kent
     http://prdownloads.sourceforge.net/rpcap/rtdump-1.0.tar.gz?use_mirror=superb-east
     http://prdownloads.sourceforge.net/rpcap/rtdump-1.0.tar.gz?use_mirror=jaist

