libpcap Packet Sniffing for Security
Alisa Neeman

Introduction
- libpcap is an open source C library for putting your NIC in promiscuous mode.
- Today I’ll go over a few C gotchas and how to use the libpcap API
- Any C programmers?
- Planning to go to grad school?

Agenda
- Installing libpcap
- C stuff
- Basic libpcap program
- Grab a device to sniff
- Filters/Event Loops
- Packet structure

Getting the library
- Linux:
- VC++: Winpcap
- Cygwin: Wpcap (haven’t tried this)

Install on Linux
- gunzip
- tar -xvf
- cd
- ./configure
- make

Install for Windows VC++
- Get both Developer's pack download and Windows 95/98/ME/NT/2000/XP install package.
- Run install and reboot (this installs the .dll and inserts a link in your registry).
- You need to insert a copy of into C:\Program Files\Microsoft Visual Studio\VC98\Include
  (There is a copy of in the Winpcap developer's pack in wpdpack/Include. In fact you can copy over all the .h files)

VC++, cont’d
- You also need to add the lib files. Copy everything from wpdpack/Lib to C:\Program Files\Microsoft Visual Studio\VC98\Lib
- Go to Project -> Settings -> click on the Link tab, and type in and in addition to the lib files that are already there.

Avoiding C Gotchas
- Always declare variables at the beginning of a block (no Java/C++ messiness!!)
- Nothing ‘new’: Always free what you malloc

    malloc( sizeof ( thingYouWantToAllocate ));

- Always check the return value (no Exceptions!)

    if (thing_didnt_work()) {
        fprintf(stderr, "ERROR: thing didn't work\n");
        exit(-1);
    } /* if (thing_didnt_work) */

C cont’d
- Output is formatted.

    char person[ ] = "baby";
    printf("give me %d, %s\n", 5, person);

- %d: int
- %x: hex
- %s: string
- %f: double

Get to the point!
- Pass by reference explicitly
- Pass-by-reference prototype

    int doSomething( Thing *);

Choice .
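The C gotchas above applied to a sniffer-style task, as an added example that is not from the original slides: reading the 14-byte Ethernet header of a captured frame. The struct and function names are hypothetical, the frame bytes are constructed, and no libpcap calls are used.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record for this example; not a libpcap type. */
struct eth_summary { uint8_t dst[6]; uint8_t src[6]; uint16_t ethertype; };

/* Pass by reference explicitly: the caller supplies the struct to fill.
 * Returns 0 on success, -1 on bad arguments or a truncated frame. */
int parse_eth(const uint8_t *frame, size_t len, struct eth_summary *out)
{
    if (frame == NULL || out == NULL || len < 14)
        return -1;
    memcpy(out->dst, frame, 6);
    memcpy(out->src, frame + 6, 6);
    out->ethertype = (uint16_t)((frame[12] << 8) | frame[13]);
    return 0;
}

/* Returns a heap-allocated summary the caller must free(), or NULL. */
struct eth_summary *summarize(const uint8_t *frame, size_t len)
{
    struct eth_summary *s;  /* declared at the top of the block */
    s = malloc(sizeof(struct eth_summary));
    if (s == NULL)
        return NULL;
    if (parse_eth(frame, len, s) != 0) {
        free(s);            /* free on the error path too */
        return NULL;
    }
    return s;
}

int main(void)
{
    /* Constructed sample: broadcast dst, made-up src, EtherType 0x0800. */
    static const uint8_t frame[14] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0x02, 0x00, 0x00, 0x00, 0x00, 0x01, 0x08, 0x00 };
    struct eth_summary *s;
    s = summarize(frame, sizeof(frame));
    if (s == NULL) {
        fprintf(stderr, "ERROR: could not parse frame\n");
        exit(-1);
    }
    printf("%s: ethertype 0x%x, %d header bytes\n", "frame",
           (unsigned)s->ethertype, 14);
    free(s);
    return 0;
}
```

The length check in parse_eth is what keeps a truncated capture from being read past its end.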