Tag Archives: TCP/IP

How To: Perl TCP / UDP Socket Programming using IO::Socket::INET

How To: Perl TCP / UDP Socket Programming using IO::Socket::INET.

Perl socket modules provides an object interface that makes it easier to create and use TCP / UPD sockets.

This article covers the following topics:

  • Perl example code for TCP client and server
  • Perl example code for UDP client and server
  • Read and write descriptor list using Select(IO::Select)

CPAN module IO::Socket::INET is used to perform socket operations such as — creating, binding, connecting, listening and closing the socket.

IO::Select module is used for obtaining the descriptors that are ready for read/write operations.

Read More

danielmiessler.com | study | A Tcpdump Tutorial / Primer

danielmiessler.com | study | A Tcpdump Tutorial / Primer.

It’s also important to note that tcpdump only takes the first 68 bytes of data from a packet by default. If you would like to look at more, add the -s number option to the mix, where number is the number of bytes you want to capture. I usually give it 1514 (to get everything) if I use this option. Here’s a short list of the options I use most:

  • -i any : Listen on all interfaces just to see if you’re seeing any traffic.
  • -n : Don’t resolve hostnames.
  • -nn : Don’t resolve hostnames or port names.
  • -X : Show the packet’s contents in both hex and ASCII.
  • -v, -vv, -vvv : Increase the amount of packet information you get back.
  • -c : Only get x number of packets and then stop.
  • -S : Print absolute sequence numbers.
  • -e : Get the ethernet header as well.
  • -q : Show less protocol information.

Read More

ngrep – network grep

ngrep -d any port 25 Monitor all activity crossing source or destination port 25 (SMTP). ngrep -d any ‘error’ port syslog Monitor any network-based syslog traffic for the occurrence of the word “error”. ngrep knows how to convert service port names (on UNIX, located in “/etc/services”) to port numbers. ngrep -wi -d any ‘user|pass’ port

Read More

Bad Behavior has blocked 96 access attempts in the last 7 days.