https://github.com/thepacketgeek/meteorshark
Packet Sniffing in the Cloud
Last synced: 2 months ago
- Host: GitHub
- URL: https://github.com/thepacketgeek/meteorshark
- Owner: thepacketgeek
- License: gpl-3.0
- Created: 2013-10-04T01:50:09.000Z (over 11 years ago)
- Default Branch: master
- Last Pushed: 2019-10-02T22:55:40.000Z (almost 6 years ago)
- Last Synced: 2025-04-18T18:33:10.750Z (3 months ago)
- Language: CSS
- Homepage:
- Size: 239 KB
- Stars: 36
- Watchers: 9
- Forks: 11
- Open Issues: 2
Metadata Files:
- Readme: readme.md
- License: LICENSE
README
# Packet Sniffing in the Cloud
Sniff packets and view them in the cloud live, what?!? Yup, this is made possible with Meteorshark & [scapy-to-api](https://www.github.com/thepacketgeek/scapy-to-api "scapy-to-api"). This project came to be while I was preparing for a presentation on scapy for people who may not be familiar with Wireshark and viewing packets. I didn't want to lose sight of what I was showing by getting lost in the heavy, detailed packet view of a typical packet analysis program or a CLI utility such as tcpdump.
## Usage
### Accessing the interface

Because packets are stored in MongoDB separately for each account, users must have an account so they can insert packets with their own token. Once installed, go to and create an account.
Once logged in, you can see your account Token in the top right corner. Use this for the `owner` property in the packet.json explained below.
### Viewing Packets
As the API/DB is populated with packets, you will see them appear on the screen. Each packet is expandable for more information (the info provided depends on the packet type and on protocol support in the client-side script). You can pause and resume packet loading with the buttons at the top. While paused, you can see whether you have received more packets by looking at the Packet Count in the top right corner, next to the token.
### Packet Structure
Packets are inserted, stored, and fetched as individual JSON objects in a MongoDB collection by a client-side sniffing script, such as [scapy-to-api](https://www.github.com/thepacketgeek/scapy-to-api "scapy-to-api").
Packet JSON properties are as follows:
```javascript
packet = {
    "timestamp": "",
    "srcIP": "",
    "dstIP": "",
    "L7protocol": "",
    "size": "",
    "ttl": "",
    "srcMAC": "",
    "dstMAC": "",
    "L4protocol": "",
    "srcPort": "",
    "dstPort": "",
    "payload": "",
    "owner": ""
};
```

## Installation
1. Install [Node.js](http://nodejs.org/ "Node.js")
1. Install [Meteor](http://www.meteor.com "Meteor")
1. Clone Meteorshark (this repo)
1. Open terminal and `cd` to `meteorshark`
1. Run `meteor` command
1. Access
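
For the packet properties listed under Packet Structure above, the following added example (not code from Meteorshark or scapy-to-api) maps a raw Ethernet II / IPv4 / TCP-or-UDP frame onto those thirteen fields using only the Python standard library. The value types, the port-based `L7protocol` guess, the latin-1 payload encoding, the `max_payload` cap and the `TOKEN-PLACEHOLDER` owner value are assumptions; the README gives only the property names.

```python
import socket
import struct
import time

L4_NAMES = {6: "TCP", 17: "UDP"}
# Assumption: L7 label guessed from a well-known port; the README defines no mapping.
L7_BY_PORT = {53: "DNS", 80: "HTTP", 443: "HTTPS"}

def frame_to_packet(frame, owner, timestamp=None, max_payload=64):
    """Map one Ethernet II / IPv4 / TCP-or-UDP frame onto the README's packet fields."""
    if len(frame) < 34:
        raise ValueError("frame too short for Ethernet + IPv4 headers")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", frame[14:34])
    ihl = (ver_ihl & 0x0F) * 4
    if ethertype != 0x0800 or ver_ihl >> 4 != 4 or ihl < 20:
        raise ValueError("not a well-formed IPv4 frame")
    l4 = frame[14 + ihl:14 + total_len]
    if proto == 6 and len(l4) >= 20:
        hdr_len = max((l4[12] >> 4) * 4, 20)  # TCP data offset, clamped to the minimum
    elif proto == 17 and len(l4) >= 8:
        hdr_len = 8
    else:
        raise ValueError("unsupported or truncated layer 4 header")
    src_port, dst_port = struct.unpack("!HH", l4[:4])
    # Assumption: value types and latin-1 payload encoding are chosen here, not by the README.
    return {
        "timestamp": time.time() if timestamp is None else timestamp,
        "srcIP": socket.inet_ntoa(src),
        "dstIP": socket.inet_ntoa(dst),
        "L7protocol": L7_BY_PORT.get(dst_port) or L7_BY_PORT.get(src_port, ""),
        "size": len(frame),
        "ttl": ttl,
        "srcMAC": src_mac.hex(":"),
        "dstMAC": dst_mac.hex(":"),
        "L4protocol": L4_NAMES[proto],
        "srcPort": src_port,
        "dstPort": dst_port,
        "payload": l4[hdr_len:hdr_len + max_payload].decode("latin-1"),  # capped copy
        "owner": owner,
    }

# Constructed sample: UDP datagram from 192.0.2.10:40000 to 192.0.2.53:53.
SAMPLE = (bytes.fromhex("aabbccddeeff0011223344550800")
          + struct.pack("!BBHHHBBH4s4s", 0x45, 0, 33, 0, 0, 64, 17, 0,
                        socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.53"))
          + struct.pack("!HHHH", 40000, 53, 13, 0) + b"hello")
if __name__ == "__main__":
    print(frame_to_packet(SAMPLE, owner="TOKEN-PLACEHOLDER"))
```

The `max_payload` cap limits how many bytes of captured application data are copied into the document that leaves the sniffing host.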