Download Shareware and Freeware Software for Windows, Linux, Macintosh, PDA

line Home  |  About Us  |  Link To Us  |  FAQ  |  Contact

Serving Software Downloads in 976 Categories, Downloaded 30.157.668 Times

ETTERLOG 1.0

  Date Added: April 14, 2010  |  Visits: 900

ETTERLOG

Report Broken Link
Printer Friendly Version


Product Homepage
Download (102 downloads)

ETTERLOG is a utility for Network Lan (SWITCH) for file .ECI and .ECP. (Ettercap program). Etterlog is the log analyzer for logfiles created by ettercap. It can handle both compressed (created with -Lc) or uncompressed logfiles. With this tool you can manipulate binary files as you like and you can print data in different ways all the times you want (in contrast with the previous logging system which was used to dump in a single static manner). You will be able to dump traffic from only one connection of your choice, from only one or more hosts, print data in hex, ascii, binary etc... TIP: All unuseful messages are printed to stderr, so you can save the output from etterlog with the following command: etterlog [options] logfile > outfile Thus you can dump for example a binary file from an ftp connection if you print the data in binary mode, without headers and selecting only the ftp server as the source of the communication. GENERAL OPTIONS -a, --analyze Analyze a log file and display some interesting statistics. -c, --connections Parse the log file and print a table of unique connections (port to port). This option can be used only on LOG_PACKET logfiles. On LOG_INFO logfiles it is useless. TIP: you can search for a particular host by using the following command: etterlog -c logfile.ecp | grep 10.0.0.1 -f, --filter < TARGET > Print only packets coming from or going to TARGET. The TARGET specification is the same as in ettercap. TARGET is in the form MAC/IPs/PORTs. Omitting one or more of its parts will be equivalent to set them to ANY. If the log type is LOG_INFO the target is used to display hosts matching the mac, ip and having the specified port(s) open. For example the target //80 will display only information about hosts with a running web server. -r, --reverse Reverse the matching in the TARGET selection. It means not(TARGET). All but the selected TARGET. -t, --proto < PROTO > Sniff only PROTO packets (default is TCP + UDP). This option is only useful in "simple" mode. If you start ettercap in interactive mode both TCP and UDP are sniffed. PROTO can be "tcp", "udp" or "all" for both. -F, --filcon < CONNECTION > Print packets belonging only to this CONNECTION. CONNECTION is in the form PROTO:SOURCE:DEST. SOURCE and DEST are in the form IP:PORT. example: etterlog -F TCP:10.0.0.23:3318:198.182.196.56:80 -s, --only-source Display only packets that are sent by the source of the selected CONNECTION. This option makes sense only in conjunction with the -F option. TIP: if you want to save a file transferred in an HTTP or FTP connection, you can use the following command: etterlog -B -s -n -F TCP:10.0.0.1:20:10.0.0.2:35426 logfile.ecp > example.tar.gz -d, --only-dest Same as --only-source but it filters on the destination host. -n, --no-headers Do not print the header of each packet. This option is useful if you want to save a file in binary format (-B option). Without the headers you can redirect the output to a file and you will get the original stream. NOTE: the time stamp in the header is in the form: Thu Mar 27 23:03:31 2003 [169396], the value in the square brackets is expressed in microseconds -m, --show-mac In the headers show also the mac addresses corresponding to the ip addresses. -k, --color If used in conjunction with -F it displays the source and dest of the connection using different colors. If used with a LOG_INFO file it prints LAN hosts in green, REMOTE hosts in blue and GATEWAYS in red. -l, --only-local Used displaying an INFO file, it displays information only about local hosts. -L, --only-remote Used displaying an INFO file, it displays information only about remote hosts. SEARCH OPTIONS -e, --regex < REGEX > Display only packets matching the regex < REGEX >. If this option is used agains a LOG_PACKET logfile, the regex is executed on the payload of the packet. If the type is LOG_INFO, the regex is executed on all the fields of the host profile (OS, banners, service and ethernet adapter). NOTE: the regex is compiled with the REG_ICASE flag (case insensitive). -u, --user < USER > Display information about this user. The search is performed over all the user/pass couples collected across all hosts. -p, --passwords Print only the collected account information for each host. This prevents the huge profile output. It can be used in conjunction with the -u option to filter the users. An asterisk * used in front of an account represents a failed login attempt. -i, --show-client Show the client ip address when displaying the collected users and passwords. It may be useful when ACLs are in place. -I, --client < IP > Show passwords only coming from a specific < IP >. This is useful to view all the usernames and passwords of a client. EDITING OPTIONS -C, --concat Use this option to concatenate two (or more) files into one single file. This is useful if you have collected ettercap log files from multiple sources and want to have an unified report. The output file must be specified with the -o option and the input files are listed as normal arguments. example: etterlog -C -o outfile input1 input2 input3 -o, --outfile < FILE > specifies the output file for a concatenation. VISUALIZATION METHOD -B, --binary Print data as they are, in binary form. Useful to dump binary data to a file (as described above). -X, --hex Print the packets in hex format. example: the string "HTTP/1.1 304 Not Modified" becomes: 0000: 4854 5450 2f31 2e31 2033 3034 204e 6f74 HTTP/1.1 304 Not 0010: 204d 6f64 6966 6965 64 Modified -A, --ascii Print only "printable" characters, the others are displayed as dots . -T, --text Print only the "printable" characters and skip the others. -E, --ebcdic Convert an EBCDIC text to ASCII. -H, --html Strip all html tags from the text. A tag is every string between < and >. example: < title >This is the title< /title >, but the following < string > will not be displayed. This is the title, but the following will not be displayed. -U, --utf8 < encoding > Print the packets in UTF-8 format. The < encoding > parameter specifies the encoding to be used while performing the conversion. Use the `iconv --list` command to obtain a list of all supported encodings. -Z, --zero Print always the void string. i.e. print only header information and no packet content will be printed. -x, --xml Print the host information in xml form, so you can parse it with your favourite program. The DTD associated with the xml output is in share/etterlog.dtd STANDARD OPTIONS -v, --version Print the version and exit. -h, --help Print the help screen with a short summary of the available options. EXAMPLES Here are some examples of using etterlog. etterlog -k -l dump.eci Displays information about local hosts in different colors. etterlog -X dump.ecp Prints packets in HEX mode with full headers. etterlog -c dump.ecp Displays the list of connections logged in the file. etterlog -Akn -F TCP:10.0.0.1:13423:213.203.143.52:6666 dump.ecp Displays the IRC traffic made by 10.0.0.1 in ASCII mode, without headers information and in colored mode. etterlog -H -t tcp -f //80 dump.ecp Dumps all HTTP traffic and strips html tags. etterlog -Z -r -f /10.0.0.2/22 dump.ecp Displays only the headers of all connections except ssh on host 10.0.0.2 etterlog -A -e user -f //110 dump.ecp Displays only POP packets containing the user regexp (case insensitive). etterlog -u root dump.eci Displays information about all the accounts of the user root. etterlog -e Apache dump.eci Displays information about all the hosts running Apache. etterlog -e Linux dump.eci Displays information about all the hosts with the Linux operating system. etterlog -t tcp -f //110 dump.eci Displays information about all the hosts with the tcp port 110 open. etterlog -t udp dump.eci Displays information about all the hosts with at least one UDP port open. etterlog -B -s -n -F TCP:10.0.0.1:20:10.0.0.2:35426 logfile.ecp > example.tar.gz Dumps in binary form the data sent by 10.0.0.1 over the data port of FTP. Since the headers are omitted, you will get the file as it was.. ETTERLOG KDE-Apps.org Community Portal for KDE Applications Software Office Multimedia Graphic Network Printing Education Games Development Administration Scientific Security Utilities Screensaver News Forum GUI Polls Links Downloads QT Look X11 Linux

Requirements: No special requirements
Platforms: Linux
Keyword: -f Connection Created By Displays Displays Information Etterlog F Tcp File Hosts Http Information Log Analyzer Print Target Tcp
Users rating: 0/10

License: Freeware Size: 112.64 KB
ETTERLOG RELATED
Utilities  -  nagios_xmlsensors 0.8
nagios_xmlsensors is a nagios plugin that retrieves and parses the XML files created by XMLSensors. It can use any XML file that is in the XMLSensor format. Note that there is no release of xmlsensors yet, the plugin came first because the...
2.05 KB  
Weather  -  ProPilot Dispatch Lite 2.0
ProPilot DispatchTM Lite was created by pilots for pilots to give you the aviation weather information that you need. ProPilot DispatchTM Lite pulls the latest United States TAFs and METARs and presents a graphical presentation for a qualitative...
8.1 MB  
Libraries  -  DBIx::SQLCrosstab::Format 1.17
DBIx::SQLCrosstab::Format is a Perl module with formats results created by DBIx::SQLCrosstab. SYNOPSIS use DBIx::SQLCrosstab::Format; my $dbh=DBI->connect("dbi:driver:database" "user","password", {RaiseError=>1}) or die "error in connection...
66.56 KB  
Networking Tools  -  plugdaemon 2.5.3
Plugdaemon is a tool that is inspired by, but not based on, the plug-gw from Trusted Information Systems. It was originally a simpler wannabe, but the connection balancing code and other features makes it a lot more useful (as of 2.3.1 its also a...
14.34 KB  
Security Tools  -  Trf 2.1p2
Trf is an extension library to the script language tcl, as created by John Ousterhout. It extends the language at the C-level with so-called "transformer"-procedures. With the help of some patches to the core the package is able to intercept all...
1.6 MB  
Libraries  -  Memchan 2.2a4
Memchan is an extension library to the script language Tcl, as created by John Ousterhout. Memchan provides several new channel types for in-memory channels and the appropriate commands for their creation. They are useful to transfer large...
215.04 KB  
Programming  -  FLTK burncd GUI frontend 0.1
This program is very simple for burning iso images created by mkisofs or any other foftware. It use burncd as write program. This is initial release and it can write only data images in single or multisession mode.. Get common hardware recovery...
15.36 KB  
Libraries  -  libchroma 0.1
libchroma is a library created by the BMPx team. Installation: The simplest way to compile this package is: 1. `cd to the directory containing the packages source code and type `./configure to configure the package for your system. If youre...
9.3 MB  
Text Editors  -  Dvipost 1.1
Dvipost is a post-processor for DVI files created by LaTeX and TeX. It can be used for special modes that normally need DVI drivers such as dvips. Dvipost project supports layout raster, change bars, and overstrike mode. Compiling dvipost:...
 
Log Analyzers  -  MySQA 1.0.2
MySQA program is a useful program to analyze log files created by MySQL slow queries or queries that dont use indexes. About MySQL: MySQL is a multithreaded, multi-user, SQL (Structured Query Language) Database Management System (DBMS) with an...
133.12 KB  
NEW DOWNLOADS IN NETWORK & INTERNET, NETWORKING TOOLS
Network & Internet  -  Free WiFi Hotspot 3.3.1
Free WiFi Hotspot is a super easy solution to turn your laptop or notebook into a portable Wi-Fi hotspot, wirelessly sharing your internet connections like DSL, Cable, Bluetooth, Mobile Broadband Card, Dial-Up, etc. through the built-in wireless...
1.04 MB  
Network & Internet  -  Easy Uploads 1.8
Easy uploads is a file storage media streaming application designed by Filestreamers that allows you to upload, store, and stream your files from their virtually unlimited file storage server. Easy Uploads can backup,share, and stream your files...
615.97 KB  
Network & Internet  -  IPv6 CARE 3.2b
IPv6 CARE, "IPv6 Compliant Automatic Runtime Environment", is a Linux tool able to patch ipv6-agnostic programs on-the-fly ('patch' mode). It can also generate a diagnosis about the IPv6 compliance of an application ('check' mode).
409.6 KB  
Network & Internet  -  PacketFence ZEN 3.1.0
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boosting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X...
1024 MB  
Network & Internet  -  django-dbstorage 1.3
A Django file storage backend for files in the database.
10.24 KB  
Networking Tools  -  gvrpad 0.1
gvrpad is a daemon that makes GVRP announcements of all VLAN interfaces on a FreeBSD system. GVRP is the GARP VLAN Registration Protocol, defined in IEEE 802.1Q (VLANS); GARP is the Generic Attribute Registration Protocol, defined in 802.1D...
15.36 KB  
Networking Tools  -  Cheops 0.61
Cheops is an Open Source Network User Interface. It is designed to be the network equivalent of a swiss-army knife, unifying your network utilities. Cheops is for the network what a file manager is for your filesystem..
317.44 KB  
Networking Tools  -  dynacc 0.5.0
Dynacc aims to be a Pakage which gives you control other your Internet Connection. It runs a linux router/host which provides MASQ services and HTTP proxying for a LAN. It gives you the Power to define users/groups which are allowed to make...
122.88 KB  
Networking Tools  -  ssh tunnel on demand 1.0
ssh tunnel on demand provides a script that creates an SSH tunnel on demand. ssh tunnel on demand is a script that makes it possible for a user to create an SSH tunnel to a server and connect to it without needing an account on the box or any...
13.31 KB  
Networking Tools  -  strongSwan 4.1.5
strongSwan is an OpenSource IPsec implementation for the Linux operating system. strongSwan is an OpenSource IPsec implementation for the Linux operating system. In order to have a stable IPsec platform to base our future extensions of the X.509...
1.7 MB