Author Topic: NANY 2011 Release: Crush Sniffer  (Read 2904 times)
Crush
« on: November 14, 2010, 02:37:08 PM »

NANY 2011 Entry Information

Application Name: Crush Sniffer
Version: V1.00
Short Description: Sniff Programs, Users, Server availability and Connections in (Unix/Linux) Network Environments
Supported OSes: Sniffer: Unix/Linux / Analyzer: Windows
Web Page: -
Download Link: Crush Sniffer.zip (20.08 KB - downloaded 286 times.)
System Requirements:
  • Pentium class computers
  • mfc71.dll
Version History:
  • 10/11/14 Release V1.0
  • 10/11/15 Release V1.0 Script Updates
Author: Crush
Screencast

Description
The Crush Sniffer creates different continuous logs of several system events in Linux/Unix.
Because I've no deeper experience in Unix-Coding I decided to create a small but handy analyzer that can filter the most important events from these logs and to search at a click the right positions of all logs at the same (or similar) time stamp.
The tool has been created to detect illegal activities or sabotage on special systems - and it worked fine.
This program can be used to sniff the behaviour of other users on your or other computers and check out who has done what and when.
Because of this, the usage is only allowed to system owners or administrators who have the legal rights to control the sniffed systems.
I recommend only experienced users who know how to read system-logs to use this tool!

Features
  • sniffer works as a normal task from the shell
  • the results can be easily viewed with the analyzer

Planned Features
  • none

Usage
Installation
There are two scripts: One for Unix systems (and Cygwin I think) and another one for Linux. Copy the suiting one to the system you like. Open a shell window and start it.
Copy the "Crush Sniffer.exe" to a Windows system or a wine directory in Linux and run it there.

Using the Application
After logging (can be stopped with ctrl-c) you have to copy the logs (all starting with RR...) to a Windows computer or perhaps a Linux computer with wine and run the "Crush Sniffer.exe" - otherwise a mapped drive with network access should also work.
The program is in German - but it's so easy to use I don't see any reason to translate it.
"Nachrichtenfilter aktivieren" is automatically enabled and filters unnecessary lines from the results where nothing important happened.
The button "Dateien einlesen" reads the files. You can select one of the RR... files. It's not important which one.
Reading and filtering can take some time - so please be patient.
At the end you can see the 4 different logs. On clicking in a window all other logs will be corrected to the nearest time stamps to see what happened at this time with the other logs.
That's all.

All settings are in the logger.sh file hard-coded. You have to change them by hand if necessary.
You can set the names of 3 different hosts. It should be easy to add more if you like.
Maximalcountage sets the days of logging. Older logs will be automatically deleted.
The _init-variables set the timeslice being used to update the different logs.
In the greps you can change the "*" parameter to a special to be controlled user if you like.

Uninstallation
Only delete the files and folder

Known Issues
The load-process takes a lot of time sometimes - depending on the size of your logs.

Please don't ask for further support or development, because I decided to stop the development at this state.
« Last Edit: November 22, 2010, 01:09:13 PM by Crush »
Crush
« Reply #1 on: November 15, 2010, 04:44:05 PM »

I updated the scripts and the requirements (you need mfc71.dll). There's now one for Unix and one for Linux.