I like ettercap for that.
On Wed, Jan 27, 2010 at 12:23 PM, Christiano F. Haesbaert
<[email protected]> wrote:
> Hi there,
>
> I've always used wireshark for packet sniffing, it solved most of my needs.
>
> First of all, I'm not questioning the why of not having a port, I've
> read the previous posts (I really don't care why, don't start a
> discussion).
>
> My main need is debugging DNS packets (mDNS), and reading raw tcpdump
> output isn't very easy, I need to really debug the protocol, so
> something that could show me field names and values would be cool.
>
> Right now I'm using tcpdump and accounting stuff like: ok this is the
> id, so the next 2 bytes is the query type and so on... (this isn't
> working :-D).
>
> I understand I could make some script to interpret the values, but I'm
> sure you guys already though of something better.
>
> Thanks.
