Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/thepacketgeek/meteorshark

Packet Sniffing in the Cloud
https://github.com/thepacketgeek/meteorshark

Last synced: about 10 hours ago
JSON representation

Packet Sniffing in the Cloud

Host: GitHub
URL: https://github.com/thepacketgeek/meteorshark
Owner: thepacketgeek
License: gpl-3.0
Created: 2013-10-04T01:50:09.000Z (almost 11 years ago)
Default Branch: master
Last Pushed: 2019-10-02T22:55:40.000Z (about 5 years ago)
Last Synced: 2023-08-04T12:29:31.103Z (about 1 year ago)
Language: CSS
Homepage:
Size: 239 KB
Stars: 35
Watchers: 9
Forks: 11
Open Issues: 2
Metadata Files:
- Readme: readme.md
- License: LICENSE

Awesome Lists containing this project

README

# Packet Sniffing in the Cloud
Sniff packets and view them in the cloud live, what?!? Yup, this is made possible with Meteorshark & [scapy-to-api](https://www.github.com/thepacketgeek/scapy-to-api "scapy-to-api").

This project came-to-be while I was preparing for a presentation on scapy for people that may not be familiar with Wireshark and viewing packets. I didn't want to lose sight of what I was showing by getting lost in the heavy, detailed packet view of a typical packet analysis program or a cli utility such as tcpdump.

##Usage

### Accessing the interface

![screenshot1](meteorshark1.png "Screenshot #1")

Due to the way packets are stored in the MongoDB for account separation, users must have an account so they can insert packets with their own token. Once installed, go to and create an account.

Once logged in, you can see your account Token in the top right corner. Use this for the `owner` property in the packet.json explained below.

### Viewing Packets

As the API/DB is populated with packets you will see them appear on the screen. Each packet is expandable for more information (info provided depends on the packet type and protocol support in the client side script). You can pause and resume the packet loading with the buttons on top. While paused, you can see if you have received more packets by looking at the Packet Count in the top right corner, next to the token.

### Packet Structure

Packets are inserted, stored, and fetched as individual JSON objects in a MongoDB collection from a client side sniffing script, such as [scapy-to-api](https://www.github.com/thepacketgeek/scapy-to-api "scapy-to-api").

Packet JSON properties are as follows:

packet = {

	"timestamp": "",

	"srcIP": "",

	"dstIP": "",

	"L7protocol": "",

	"size": "",

	"ttl": ""

	"srcMAC": "",

	"dstMAC": "",

	"L4protocol": "",

	"srcPort": "",

	"dstPort": "",

	"payload": "",

	"owner": ""

};

## Installation

1. Install [Node.js](http://nodejs.org/ "Node.js")
1. Install [Meteor](http://www.meteor.com "Meteor")
1. Clone Meteorshark (this repo)
1. Open terminal and `cd` to `meteorshark`
1. Run `meteor` command
1. Access