Packet tools
There are times in my work, both here for the Internet Storm Center and at the day job, when I need to either capture, generate, or replay IP (generally IPv4, but more and more IPv6) packets.  Over the years, I've found a number of tools to assist in the process.  I just discovered a new (to me) one (scapy, it has apparently been around for a year or two, but I just started playing with it in the last week), so I figured I'd ask our readers for suggestions.  What are your favorites?  Post your suggestions to the contact page and I'll summarize next week.  No need to mention the ones listed below.

* nmap
* ethereal/wireshark
* tcpdump
* hping2
* p0f
* snort
* tcpreplay
* tcptraceroute
* ngrep


ISC Handler
May 4th 2007
