so i wrote a simple socket server in php. i'm trying to get my feet wet with sockets and network programming. i had it working with a simple flash game i wrote before and now for some reason i dig up my old flash and php and flash can't connect to my socket server (but telnet can from a variety of places).

the macromedia/adobe site is useless as are flashkit and actionscript.org.

SO i think i must turn to a packet sniffer to try and figure out a little more about this really irritating problem.

Can anyone recommend a good packet sniffer (that won't send all of my passwords to Cyprus or Nigeria)? My machine here runs WinXP. My server is Debian Linux.

    Well, there's always my dog.

    Oh...you asked for a packet sniffer. I thought you said pocket sniffer.

    Sorry, it's late and I'm getting stupid. 😉

      On the debian box you could use either ethereal or tcpdump.

      ethereal is a very nice GUI based network analyzer / packet sniffer program, and tcpdump is simple as a box of bricks but very capable and has enough simple filtering to get the job done.

        Probably your best bet is the open-source Wireshark, which is essentially the new Ethereal. This has a GUI and works on Linux and some versions of Windows, as well as other OS.

        (Specifically, even if it can't capture packets on Windows, you can still use it to examine dump files made by wireshark or tcpdump).

        There must be some tools for Flash to intercept what's being sent/received. Aren't there?

        Mark

          MarkR wrote:

          There must be some tools for Flash to intercept what's being sent/received. Aren't there?

          As I mentioned, I've posted to the Adobe site, Flashkit.com, and Actionscript.org without any responses at all about how to resolve the problem, except one person suggested 'it must be a security problem'. No one has recommended any tool of any kind to resolve the issue.
          http://www.adobe.com/cfusion/webforums/forum/messageview.cfm?catid=288&threadid=1270259
          http://board.flashkit.com/board/showthread.php?t=732210
          http://actionscript.org/forums/showthread.php3?t=137103

          The documentation at adobe.com is an unmitigated disaster. It's almost as bad as the paypal site.

          I spent a lot of time googling and found debug versions of the flash player but there doesn't seem to be any reliable documentation on how to configure it so that it reports network stuff.

            EtherPeek from WildPackets is about as good as it gets, but A LOT more expensive than Wireshark. Depends how deep you need to get into the details.

              3 months later

              I've been toying with Wireshark for windows and it seems fully adequate. It seems to give me a good idea of whether my traffic is encrypted or not.

              I have also managed to get tcpdump installed on my server. Anybody know what the interface 'lo' corresponds to?

              myserver:/home/myusername# tcpdump -D
              1.eth0
              2.any (Pseudo-device that captures on all interfaces)
              3.lo
              

                lo, if I recall correctly, stands for loopback.

                  Horizon88 wrote:

                  lo, if I recall correctly, stands for loopback.

                  ayup, 127.0.0.1

                    So any traffic to 'localhost' then? Like if apache was talking to mysql or something?

                      yep. Note however that you could have things communicating through unix local sockets, which won't show up in a packet sniffer.
