Angst is an active sniffer, based on libpcap and libnet. It dumps into a file the payload of all the TCP packets received on the specified ports. It implements two methods for active sniffing. Angst is able to monitor ARP requests, and after enabling IP forwarding on the local host, it sends ARP replies mapping all IPs to the local MAC address. Also, it can flood the local network with random MAC addresses (like macof), causing switches to send packets to all ports.
|Tags||Security Networking Monitoring|
|Operating Systems||POSIX BSD FreeBSD NetBSD OpenBSD Linux|
Release Notes: Free/NetBSD and Linux support in addition to OpenBSD, new features, and a lot of testing.
Release Notes: This is a major rewrite. Although it is still a development version, it is a lot more stable than 0.2b. The man-in-the-middle active sniffing method has been added.
Release Notes: Initial public release.