Ever located an old capture file and weren’t sure what was in it, or needed to grab some quick statistics about another capture file? What about needing to run statistics on multiple capture files and present them via a database or a spreadsheet? Well, if you have ever run into any of these scenarios, then capinfos is worth a look. The capinfos command is available via the Backtrack CLI and provides statistical information about cap files. This is one of the gems located on Backtrack that nobody ever hears about.
I remember being so happy about 0trace when I started to write some Backtrack-related articles because, even though 0trace is fairly simple, it is really useful for locating the full path to devices you are investigating. In the article below I will explain the necessary 0trace input from the command line, what needs to be done to complete a successful trace to a target using 0trace, and provide some examples of devices in front of and behind a firewall blocking ICMP or traceroute requests.
It is very common when obtaining wireless network handshakes to end up with a huge capture file (typically .cap or .pcap). Previously purehate wrote this article on filtering out SSID-specific EAPOL packets from a capture file, but if you wanted to keep any and all packets related to a specific SSID, including data packets, beacon frames, etc., the tshark command below will accomplish that. This is very similar to the previous article but will provide more data for the user and still slim down a capture file if you had packets from multiple SSIDs.
I had a customer today who brought in a laptop and wanted to switch over to Ubuntu Linux. I always try to go the extra mile for people who want to convert to Linux. After installing Ubuntu 10.04 LTS, I rebooted and, to my dismay, the wired (eth0) interface was not working. I always run into wireless problems with Linux, but it’s pretty rare that a wired interface doesn’t work. Below I show the fairly simple fix.
There are various reasons why you may want to log the incoming packets for your Skype messaging client. You can log both calls and instant messages made via your Skype client using Wireshark. Wireshark is a free utility that can be used to log any traffic on your computer.