Without this option, some packets will be cut off and Phoenix will not be able to reassemble them.

-w filename: This option logs all captured packets to a log file.

Typing the following on his boss's computer will capture up to 1,000 packets and send them to the file capture.log:

windump -c 500 -s 1500 -w capture.log

Phoenix must wait until his boss sends or receives 500 packets. Phoenix knows when this occurs because WinDump stops running and returns him to a command prompt.

WinDump, like most packet-capturing software, requires the use of the Windows Packet Capture library (WinPcap). Many network utilities use this library, so in a situation like the one in this chapter, chances are good that a network manager working in information technology already has WinPcap installed. If the network manager does not have WinPcap installed, Phoenix must copy the files and manually install them. Normally, WinPcap uses a graphical install, but using Netcat to connect to a command-line interface of his boss's computer will not allow Phoenix to view a graphical install utility.

In the event that Phoenix has to install WinPcap using the command line, he takes the following steps:

He downloads WinPcap, but does not install it. Instead, he uses WinZip to unzip the self-extracting executable.

Using TFTP, Phoenix copies daemon_mgm.exe, NetMonInstaller.exe, npf_mgm.exe, rpcapd.exe, and Uninstall.exe to a directory such as C:\Program Files\WinPcap on his boss's computer.

Copies packet.dll, pthreadvc.dll, wanpacket.dll, and wpcap.dll to c:\windows\system32.

Copies npf.sys to c:\windows\system32\drivers.
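For defenders, the activity described here leaves two observable traces: WinPcap components written by a file-transfer tool instead of an installer, and a WinDump process writing a capture file. The Python example below is added here and is not from the original text; the event schema (host, type, image, target, cmdline), the finding names, and the sample events are constructed assumptions.

```python
from ntpath import basename  # parses Windows paths on any platform

# WinPcap library and driver files named in the text (lower-cased).
CORE = {"packet.dll", "pthreadvc.dll", "wanpacket.dll", "wpcap.dll", "npf.sys"}
TRANSFER_TOOLS = {"tftp.exe"}  # the transfer method the text describes

def parse_windump(cmdline):
    """Return the -c/-s/-w options if cmdline runs WinDump with a capture file."""
    tokens = cmdline.split()
    if not tokens or basename(tokens[0]).lower() not in ("windump", "windump.exe"):
        return None
    opts = {}
    for flag, value in zip(tokens[1:], tokens[2:]):
        if flag in ("-c", "-s", "-w"):
            opts[flag] = value
    return opts if "-w" in opts else None

def triage(events):
    """Return (host, finding, detail) tuples for the two traces."""
    findings, dropped = [], {}
    for ev in events:
        if ev["type"] == "file_create":
            name = basename(ev["target"]).lower()
            if name in CORE and basename(ev["image"]).lower() in TRANSFER_TOOLS:
                dropped.setdefault(ev["host"], set()).add(name)
        elif ev["type"] == "process_create":
            opts = parse_windump(ev["cmdline"])
            if opts:
                findings.append((ev["host"], "windump_file_capture", opts))
    for host, names in sorted(dropped.items()):
        # Kernel driver plus user-mode library means a usable capture stack.
        if {"npf.sys", "wpcap.dll"} <= names:
            findings.append((host, "winpcap_manual_drop", sorted(names)))
    return findings

# Constructed sample events (hypothetical hosts WS-01 and WS-02).
SAMPLE_EVENTS = [
    {"host": "WS-01", "type": "file_create",
     "image": r"C:\Windows\System32\tftp.exe", "target": r"C:\Windows\System32\wpcap.dll"},
    {"host": "WS-01", "type": "file_create",
     "image": r"C:\Windows\System32\tftp.exe", "target": r"C:\Windows\System32\drivers\npf.sys"},
    {"host": "WS-01", "type": "process_create",
     "cmdline": "windump -c 500 -s 1500 -w capture.log"},
    {"host": "WS-02", "type": "file_create",  # installer-driven write, not flagged
     "image": r"C:\Temp\setup.exe", "target": r"C:\Windows\System32\wpcap.dll"},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```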