PROJECTS - daSniff

daSniff - an open source customizable sniffer for Windows

News

17.07.2002 - Released daSniff version 1.41
  • Added minsize= and maxsize= parameters to the documentation. Sorry I've forgotten to add them earlier.
  • Changed the Regular Expressing Parser syntax mode. Now it works with extended POSIX syntax.
23.06.2002 - Released daSniff version 1.4
  • Added NOT sign in rules file format. Now it is possible to match rule if it is NOT equal to some parameter. Example: proto!=tcp - will match only if protocol is NOT tcp
  • Added ip/mask format support. Now you could match a whole subnet with a single rule using format like 192.168.0.0/16 (or 192.168/16)
  • Added support for icmp and igmp protocols in proto parameter
  • Minor installer improvements (again)

Description

daSniff is an open source customizable sniffer for win32 systems. It helps you to log your LAN traffic by specifying packet rules as filters. It has two major versions named version A and version B. Both versions use the same packet filtering, but different sniffing code. Version A uses pure WinSock2 API and runs only under Windows 2000 and above with administrator privileges. It is also available as a Windows NT service. Version B uses WinPcap as a packet capture library and runs under Windows 95/98/ME/2000/XP. For more information about versions' differences refer to the manual.

Download

Home page:
Installations (binary only):
Source code only:

General notes and license

The sniffing code of A version is based on the code of Natas (http://intex.ath.cx)

B version uses WinPcap (http://netgroup-serv.polito.it/winpcap)

License: no license for this version

NO WARRANTY

THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

Modifications of any kind are permitted ;)

Sending new code, ideas and bug reports to stjordanov@hotmail.com. will be appreciated!

About the author

Author: Demosten http://demosten.com or stjordanov@hotmail.com.

History

14.04.2002 - Released daSniff version 1.3.B
  • Added WinPcap version 2.3 support (now runs under MS Windows XP)
  • Minor installer improvements
16.03.2002 - Released daSniff version 1.2
  • Fixed support for link types different from Ethernet and Token Ring in version B
  • Removed unnecessary parts of the source code project (smaller installations)
28.01.2002 - Released daSniff version 1.1
  • Added Token Ring support to version B
  • Added new command line option -w which forces daSniff to wait until pressing any key to exit
  • Better installation and documentation
  • Some minor sniffing code improvements
22.01.2002
Project name changed to daSniff as there is another (older) sniffer named dSniff.
31.10.2001
first public available versions (1.0.A and 1.0.B)
30.08.2001
first beta version (1.0.A beta 1)

Copyright: Demosten © 2012
Page last updated: 09.08.2011
Web design: Milen Dyankov