|
Apart from winpcap where you need to install a lib you can find various other tools. For example analogx has some simple capture utility that can capture traffic (it is called packetmon). But if you look around. anyway using ethereal you got an awesome package too as already mentioned.
Another cool one that runs without a driver is BasicNetworkSniffer from planet-source-code I just compiled it.
There is a thing called ethernetspy with source code, which is interesting to read (use google).
There is also netcat which is a basic sniffer which uses hooking so also no drivers are needed.
One I really liked is poorsniff which also doesnt need drivers. Be aware tho that using raw packets can only be done under sp2 when you are not crafting packets (normally, although with hooking you might get it done anyway). Have fun.
|