The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


🔎Julia Evans🔍 on Twitter: “ngrep: grep your network!… “

Posted by jpluimers on 2021/02/16

[WayBack] 🔎Julia Evans🔍 on Twitter: “ngrep: grep your network!… “

So this taught me a new tool and other new things:

  • ngrep – Wikipedia

    ngrep is similar to tcpdump, but it has the ability to look for a regular expression in the payload of the packet, and show the matching packets on a screen or console. It allows users to see all unencrypted traffic being passed over the network, by putting the network interface into promiscuous mode.

    ngrep with an appropriate BPF filter syntax can be used to debug plain text protocol interactions like HTTP, SMTP, FTP, DNS, among others, or to search for a specific string or pattern, using a grep regular expression syntax.[4][5]

    ngrep also can be used to capture traffic on the wire and store pcap dump files, or to read files generated by other sniffer applications, like tcpdump, or wireshark.

    ngrep has various options or command line arguments. The ngrep man page in UNIX-like operating systems shows a list of available options.

  • [WayBack] GitHub – jpr5/ngrep.

    ngrep is like GNU grep applied to the network layer. It’s a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

  • [WayBack] BPF syntax
  • Berkeley Packet Filter – Wikipedia

–jeroen
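The matching the descriptions above refer to (a regular expression applied to each packet's payload, narrowed by a port filter, read from a pcap dump) looks like this as an added Python example; it is not code from the original post or from the ngrep project. The names `ngrep_pcap`, `build_pcap`, `_packet` and `SAMPLE` are hypothetical, the capture is constructed inline, the `port` argument is a simplified stand-in for a BPF `port N` filter, and only Ethernet/IPv4 frames carrying TCP or UDP are handled.

```python
import re
import struct

def _packet(proto, sport, dport, payload):
    """Build a constructed Ethernet/IPv4 frame (checksums left at zero)."""
    if proto == 6:   # TCP: 20-byte header, data offset 5 words, flags PSH|ACK
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    else:            # UDP: 8-byte header
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload),
                     0, 0, 64, proto, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4 + payload

def build_pcap(frames):
    """Wrap frames in a little-endian pcap file (link type 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

def ngrep_pcap(pcap, pattern, port=None):
    """Return (proto, sport, dport, payload) for payloads matching pattern."""
    regex, hits, off = re.compile(pattern), [], 24   # 24 = pcap global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from("<I", pcap, off + 8)[0]
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                                 # truncated or not IPv4
        l4 = 14 + (frame[14] & 0x0F) * 4             # Ethernet + IPv4 header (IHL)
        proto, total = frame[23], struct.unpack_from("!H", frame, 16)[0]
        if proto == 6 and len(frame) >= l4 + 20:
            hdr = (frame[l4 + 12] >> 4) * 4          # TCP data offset, in bytes
        elif proto == 17 and len(frame) >= l4 + 8:
            hdr = 8
        else:
            continue                                 # neither TCP nor UDP
        sport, dport = struct.unpack_from("!HH", frame, l4)
        payload = frame[l4 + hdr: 14 + total]        # drops Ethernet padding
        # port check plays the role of the BPF filter; regex is the "grep" part
        if (port is None or port in (sport, dport)) and regex.search(payload):
            hits.append((proto, sport, dport, payload))
    return hits

SAMPLE = build_pcap([   # constructed capture: HTTP, SMTP and DNS-like payloads
    _packet(6, 49152, 80, b"GET /login?user=alice HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    _packet(6, 49153, 25, b"MAIL FROM:<alice@example.test>\r\n"),
    _packet(17, 49154, 53, b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x04test\x00\x00\x01\x00\x01"),
])
```

Because the match runs on raw payload bytes, it only finds text in protocols that travel unencrypted, which is the limitation the Wikipedia description points out.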
