Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by ">User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a ">Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#7577 - 07/12/03 01:21 AM Alternative to Iris  
Joined: Jun 2003
Posts: 7
Something Offline
Junior Member
Something  Offline
Junior Member

Joined: Jun 2003
Posts: 7

What is a free alternative to Iris form that will allow me to " ‘sniff’ and record network traffic, then completely reconstruct the data into its original format."(from


Sponsored Links
#7578 - 07/12/03 01:38 AM Re: Alternative to Iris  
Joined: Mar 2002
Posts: 860
unreal Offline
Der Übeltäter
unreal  Offline
Der Übeltäter

Joined: Mar 2002
Posts: 860
Likes: 1
Moved to Newbie Questions.

#7579 - 07/12/03 10:27 PM Re: Alternative to Iris  
Joined: Mar 2002
Posts: 815
sinetific Offline
sinetific  Offline

Joined: Mar 2002
Posts: 815
Ann Arbor
Iris is just a fancy packet sniffer with some nice features for people who are too lazy to be figure out to do with raw packet data. For the demo of it that I watched, It seems like an ordinary packet sniffer that takes the port information and associates that with a certain program, for instance outlook on 25. Since email is sent in text anyways (unless its html email) you could see that anyways in most sniffers since the usually display packet data in hex and ascii.

I would use something like ethereal or snort that do the same things.

The UI isn't as fancy and they dont have the built in features, but with a little bit of brain power you can do the same things. The only things iris can reconstruct are SMTP POP3 and HTTP. You can also 'view' IM's and ftp data as long as its not encrypted. You can do the same thing with the programs I provided links for but it will just be in ascii format and wont be pretty.


07/12-17:30:56.380419 0:4:5A:5D:2D:D9 -> 0:3:6D:13:64:44 type:0x800
len:0x82 -> TCP TTL:64 TOS:0x0 ID:8707 IpLen:20
DgmLen:116 DF

***AP*** Seq: 0x12E51FBD Ack: 0x79D065 Win: 0x16A0 TcpLen: 32
TCP Options (3) => NOP NOP TS: 25126189 717089932

0x0000: 00 03 6D 13 64 44 00 04 5A 5D 2D D9 08 00 45 00 ..m.dD..Z]-...E.
0x0010: 00 74 22 03 40 00 40 06 96 FA C0 A8 00 04 C0 A8 .t"[email protected]@.........
0x0020: 00 32 1A 0B 98 F3 12 E5 1F BD 00 79 D0 65 80 18 .2.........y.e..
0x0030: 16 A0 60 3A 00 00 01 01 08 0A 01 7F 65 2D 2A BD ..`:........e-*.
0x0040: EC 8C 3A 73 69 6E 21 31 30 30 30 40 31 39 32 2E ..:[email protected]
0x0050: 31 36 38 2E 30 2E 68 69 64 65 2D 32 36 31 30 30 168.0.hide-26100
0x0060: 20 50 52 49 56 4D 53 47 20 23 75 6E 64 65 72 67 PRIVMSG #underg
0x0070: 72 6F 75 6E 64 6E 65 77 73 20 3A 68 65 6C 6C 6F roundnews :hello
0x0080: 0D 0A ..


In this packet you can see a computer at sent a packet from port 6667, which is IRC port if you didnt know, to port 39155 on machine The data included in the packet is displayed in HEX on the left and ascii on the right. As you can see [email protected] sent a privmsg to channel #undergroundnews consisting of the text 'hello'. If all you want to do is see the data sent thats all you need the rest is just lower level tcp data. So that's how you do it if you want to do it for free.

#7580 - 07/12/03 11:47 PM Re: Alternative to Iris  
Joined: Jun 2003
Posts: 7
Something Offline
Junior Member
Something  Offline
Junior Member

Joined: Jun 2003
Posts: 7
Thanks for the information.

I didn't know that packets were that easy to understand. Thank you very much for the information and I will give one of those free ones a try. smile

#7581 - 08/09/03 11:40 PM Re: Alternative to Iris  
Joined: Aug 2003
Posts: 68
MESELF Offline
Junior Member
MESELF  Offline
Junior Member

Joined: Aug 2003
Posts: 68
haha 192.168 isn't that a firewall/internal address or whatever

Sponsored Links

Member Spotlight
Los Angeles,CA
Posts: 70
Joined: May 2002
Show All Member Profiles 
Forum Statistics
Average Daily Posts0
Most Online1,567
Apr 25th, 2010
Latest Postings
Okay WTF?
by HenryMiring on 09/27/17 08:45 AM
The History Thread...
by Gremelin on 08/11/17 07:11 PM
my old account still exists!
by Gremelin on 08/11/17 07:02 PM
My friend NEEDS your HELP!
by Lena01 on 07/21/17 07:06 AM
I'm having fun with this guy.
by gabithompson730 on 07/20/17 08:50 AM
I want to upgrade my phone
by gabithompson730 on 07/20/17 08:49 AM
Newbie here
by gabithompson730 on 07/20/17 08:46 AM
by Gremelin on 01/14/17 07:03 PM
Top Posters(All Time)
UGN Security 41,392
Gremelin 7,202
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 3
Black Beard Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
fleshwound Likes: 1
Ghost Likes: 2
Gremelin Likes: 12
Ice Likes: 1
ninjaneo Likes: 1
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20170206)