perl network sniffer

Discussion in 'Perl Misc' started by jamie@nospam.com, Feb 25, 2005.

  1. Guest

    I have a linux router/gateway in our office. The "pointy haired boss"
    wants to moniter the internet activity for the office. I need to
    capture the URL requested and the source ip for all the machines on the
    network. Can anyone suggest some good places to start. I searched on
    CPAN and am unsure which of the packages would be most useful. Any
    help would be much appreciated.

    Thanks
    , Feb 25, 2005
    #1
    1. Advertising

  2. wrote:

    > Can anyone suggest some good places to start.


    Google for "Proxy", that's not a Perl related question.

    --
    http://www.dunkelheit.at/

    The first rule of project mayhem is: you do not ask questions.
    -- Fight Club
    Robert Sedlacek, Feb 25, 2005
    #2
    1. Advertising

  3. Guest

    <Google for "Proxy">

    I realize that it would be simple enought to place a proxy in the
    "mix", however that is not possible with our current layout. The point
    is that I would like to do it, if possible, with perl. I would like
    the information to be inserted into a mysql db (which i have no
    problems doing). Is this not possible using perl?
    , Feb 25, 2005
    #3
  4. wrote:

    > I realize that it would be simple enought to place a proxy in the "mix",
    > however that is not possible with our current layout. The point is that I
    > would like to do it, if possible, with perl. I would like the information
    > to be inserted into a mysql db (which i have no problems doing). Is this
    > not possible using perl?


    Haven't you seen HTTP::proxy at CPAN? What's wrong with it? Let me guess,
    you wanted to hear "other opinions"?

    --
    http://www.dunkelheit.at/
    -<[::..::::..::::..]>-
    Robert Sedlacek, Feb 25, 2005
    #4
  5. Guest

    <Haven't you seen HTTP::proxy at CPAN? What's wrong with it? Let me
    guess,
    you wanted to hear "other opinions"? >

    I misunderstood your response. That is exactly what I was looking for.
    Thanks for the input.
    , Feb 25, 2005
    #5
  6. wrote:

    > I misunderstood your response.


    Then I must have misunderstood your first post, where you're saying:

    | I searched on CPAN and am unsure which of the packages would be most
    | useful. Any help would be much appreciated.

    ?

    --
    http://www.dunkelheit.at/
    That is not dead, which can eternal lie,
    and with strange aeons even death may die.
    -- H.P. Lovecraft
    Robert Sedlacek, Feb 25, 2005
    #6
  7. gargoyle Guest

    On 2005-02-25, <> wrote:
    ><Google for "Proxy">
    >
    > I realize that it would be simple enought to place a proxy in the
    > "mix", however that is not possible with our current layout. The point
    > is that I would like to do it, if possible, with perl. I would like
    > the information to be inserted into a mysql db (which i have no
    > problems doing). Is this not possible using perl?


    Just capture the output of tcpdump or some sniffer (tethereal maybe?)
    and use a regex to log HTTP packets to the database. You can even
    configure the sniffer to ignore all non-HTTP packets, to reduce the cpu
    overhead of your script...

    It shouldn't take more than a few dozen lines of code to do this. I
    wrote a similar script a while back that watched for certain kinds of
    ARP packets in this fashion:

    open (ARP, "tcpdump -ln arp |") or die;
    while (<ARP>) {
    /foo/ and do_this();
    /bar/ and do_that();
    }

    Getting tcpdump to give you URLs may require some work though (looking
    inside the tcp packet), but ethereal will just outright print it to
    stdout if you tell it to, I think...
    gargoyle, Feb 25, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?RGF2aWQgQmFrZXI=?=

    Creating browser sniffer with ASP.Net

    =?Utf-8?B?RGF2aWQgQmFrZXI=?=, May 3, 2004, in forum: ASP .Net
    Replies:
    5
    Views:
    3,094
    =?Utf-8?B?RGF2aWQgQmFrZXI=?=
    May 3, 2004
  2. dex

    packet sniffer

    dex, Apr 8, 2005, in forum: Java
    Replies:
    0
    Views:
    419
  3. Paul Watt

    browser sniffer

    Paul Watt, Jul 6, 2005, in forum: HTML
    Replies:
    12
    Views:
    2,536
    dorayme
    Jul 7, 2005
  4. billiejoex

    sniffer in python

    billiejoex, Aug 15, 2005, in forum: Python
    Replies:
    6
    Views:
    4,897
    billiejoex
    Aug 16, 2005
  5. king
    Replies:
    1
    Views:
    278
Loading...

Share This Page