Page 1 of 1
Technical question - reading data from TCP port
Posted: 2014-04-19 02:47pm
by eyl
I have an issue I hope someone can help with (as frankly, my network-fu is pretty weak).
I have a program sending data on a TCP port at localhost. I need to be able to read that data. Is anyone familiar with an application which can:
1) Open and listen to the localhost port.
2) Preferably display the data in hexadecimal
3) Display a timestamp for each packet of the incoming data
4) Record the data (or alternatively dump it to the screen and allow copy-pasting), inlcuding the timestamp.
Thanks!
Re: Technical question - reading data from TCP port
Posted: 2014-04-20 12:51am
by phongn
Re: Technical question - reading data from TCP port
Posted: 2014-04-20 02:59am
by Ace Pace
Netcan to open the port and display the data, wireshark to sniff it. As far as I am aware, wireshark can't open a socket on it's own.
Re: Technical question - reading data from TCP port
Posted: 2014-04-21 02:08pm
by eyl
tcpdump doesn't give a GUI or which makes it more difficult for me. As for netsniff, it's for Linux; I forgot to mention that I need it to work in a Windows 7 64-bit environment.
Ace Pace wrote:Netcan to open the port and display the data, wireshark to sniff it. As far as I am aware, wireshark can't open a socket on it's own.
I can view the data with Netscan (although not in hex, so it looks like gibberish) - can you point me to an explenation of how to get wireshark to see it? I can't seem to figure out how to set it up...
Thanks
Re: Technical question - reading data from TCP port
Posted: 2014-04-21 04:36pm
by Ace Pace
eyl wrote:
Ace Pace wrote:Netcan to open the port and display the data, wireshark to sniff it. As far as I am aware, wireshark can't open a socket on it's own.
I can view the data with Netscan (although not in hex, so it looks like gibberish) - can you point me to an explenation of how to get wireshark to see it? I can't seem to figure out how to set it up...
Thanks
netcat, not netscan.
To listen to a port and write the results to a file
ncat -l 1234 > blah.bin
If you want to display to screen (doubtful) just remove the > blah.bin.
To get wireshark to see it, apply the following filter.
tcp.port eq 1234
Do note that if you are connecting two network programs locally (I.E your own address, be it localhost or your own IP) then wireshark will not see it. But if it travels over the wire(or wifi), it'll pick it up.
If you're having trouble finding ncat for windows,
this link should set you up. I just used it.