Could anyone suggest a good packet sniffer class for C++? Looking for an easy insertable class I can use in my C++ program, nothing complicated.
I am using the MC VC++ on a Windows platform. – Mike Curry Dec 05 '08 at 22:19
3 Answers
You will never be able to intercept network traffic just by inserting a class into your project. Packet capture functionality requires kernel mode support, hence you will at the very least need to have your application require or install libpcap/WinPcap, as Will Dean pointed out.
Most modern Unix-like distributions include libpcap out of the box, in which case you could take a look at this very simple example: http://www.tcpdump.org/pcap.htm
If you're using Windows, you're more or less on your own, although WinPcap programming is extremely similar to libpcap programming (unsurprisingly, since it's a libpcap port to Win32.) The SDK can be found here: http://www.winpcap.org/devel.htm
At any rate, no matter the operating system, you will need root / Administrator access to actually perform a capture. Just using the library to replay or analyze precaptured data doesn't require any special privilege, of course.

Nitpick: WinPcap offers the option of starting as a service so that non-admins can capture packets. – Josh Kelley Dec 12 '08 at 15:52
I know. However, doing this is such a *monumentally* bad idea, security-wise, that I'd rather not publicize it more. – Mihai Limbășan Dec 12 '08 at 16:26
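
The answer's last point, that analyzing precaptured data needs no special privilege, shown as an added example (not code from the answer or from libpcap/WinPcap): a bounds-checked C++ reader for the classic pcap savefile layout that runs as an ordinary user. It does not call libpcap; the type and function names, the snaplen check and the embedded sample bytes are constructed for illustration.

```cpp
// Added example: parse a classic pcap savefile from memory, no capture privilege needed.
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <vector>

struct Record { uint32_t ts_sec, ts_usec, orig_len; std::vector<uint8_t> data; };
struct Capture { uint32_t snaplen, linktype; std::vector<Record> records; };

// Read a 32-bit field at `off`, honouring the byte order indicated by the magic.
static uint32_t rd32(const std::vector<uint8_t>& b, size_t off, bool big) {
    if (off > b.size() || b.size() - off < 4) throw std::runtime_error("truncated field");
    const uint8_t* p = &b[off];
    return big ? (uint32_t(p[0]) << 24 | uint32_t(p[1]) << 16 | uint32_t(p[2]) << 8 | p[3])
               : (uint32_t(p[3]) << 24 | uint32_t(p[2]) << 16 | uint32_t(p[1]) << 8 | p[0]);
}

Capture parse_pcap(const std::vector<uint8_t>& b) {
    if (b.size() < 24) throw std::runtime_error("short global header");
    uint32_t magic = rd32(b, 0, false);
    bool big = (magic == 0xd4c3b2a1u);           // file written on a big-endian host
    if (!big && magic != 0xa1b2c3d4u) throw std::runtime_error("not a classic pcap file");
    Capture c{rd32(b, 16, big), rd32(b, 20, big), {}};
    size_t off = 24;                             // records follow the 24-byte header
    while (off < b.size()) {
        uint32_t sec = rd32(b, off, big), usec = rd32(b, off + 4, big);
        uint32_t incl = rd32(b, off + 8, big), orig = rd32(b, off + 12, big);
        off += 16;
        // Lengths come from the file, so treat them as untrusted input.
        if (incl > c.snaplen || incl > b.size() - off) throw std::runtime_error("bad record length");
        c.records.push_back({sec, usec, orig, {b.begin() + off, b.begin() + off + incl}});
        off += incl;
    }
    return c;
}

// Constructed sample: little-endian header (snaplen 65535, linktype 1 = Ethernet)
// followed by one record holding 4 made-up payload bytes.
std::vector<uint8_t> sample_capture() {
    return {0xd4,0xc3,0xb2,0xa1, 2,0, 4,0, 0,0,0,0, 0,0,0,0, 0xff,0xff,0,0, 1,0,0,0,
            0x10,0,0,0, 0x20,0,0,0, 4,0,0,0, 0x3c,0,0,0, 0xde,0xad,0xbe,0xef};
}

int main() {
    Capture c = parse_pcap(sample_capture());
    std::printf("linktype=%u records=%zu\n", (unsigned)c.linktype, c.records.size());
}
```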
You'll need to say something about your platform, as this is a platform rather than a language thing.
But assuming you're on something common, look into pcap or winpcap.

Microsoft Network Monitor has a packet capture and analysis API, see the netmon blog for some basic info.