Installation
1.) Download and install Python 2.3. The simplest and best way to do
this is to get it from ActiveState.
2.) Download and install WinPcap 3.0. You can get it from here.
More info about WinPcap can be found here.
NB: If you already have WinPcap installed (for example, if you have
Ethereal), then you will need to either make sure it's compatible with
WinPcap 3.0 or uninstall Ethereal / the older WinPcap. Also, don't get
the 3.1 development version.
3.) Download and install Pcapy (a Python wrapper around WinPcap). You
can get it here.
The oss.coresecurity.com website seems to be down an "awful" lot. If
you are having problems getting their wrapper, I'll see about offering
it from my site. It's released under basically an Apache-style license,
so I should be able to redistribute it without fear of retribution.
4.) Download my Python script from here. (Link will work once I've
uploaded it.)
Notes
The dialog to choose which adapter to use lists the GUIDs for each
device. If I can figure out where those GUIDs are in the registry, I'll
write a routine to replace the list with the names. In the meantime,
you can match up the GUIDs with the output of WinDump.exe -D. If you
need WinDump, you can get it from here.
Right now, it uses the server IP address to determine which packets are
to/from the server. This doesn't work when the server and client are
the same machine, so for this to be useful, you'll need two machines to
test with. It doesn't matter if you run the sniffer on the client or
the server. Just make sure you have the right IP address configured.